exploitDog

CVE-2025-61120

Опубликовано: 30 окт. 2025

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

AG Life Logger Android App version v1.0.2.72 and before (package name com.donki.healthy), developed by IO FIT, K.K., contains improper access control vulnerabilities. Exposed credentials in traffic may allow attackers to misuse cloud resources, and predictable verification codes make brute-force account logins feasible. Successful exploitation could result in account compromise, privacy breaches, and abuse of cloud resources.

Ссылки

https://kar1oz.notion.site/AG-Life-Logger-2629a473ecb280c693e7d5d4a99de559

EPSS

Процентиль: 15%

0.00047

Низкий

7.5 High

CVSS3

Дефекты

CWE-284

Связанные уязвимости

GHSA-cr2f-9r84-8hf5

CVSS3: 7.5

github

3 месяца назад

AG Life Logger Android App version v1.0.2.72 and before (package name com.donki.healthy), developed by IO FIT, K.K., contains improper access control vulnerabilities. Exposed credentials in traffic may allow attackers to misuse cloud resources, and predictable verification codes make brute-force account logins feasible. Successful exploitation could result in account compromise, privacy breaches, and abuse of cloud resources.

EPSS

Процентиль: 15%

0.00047

Низкий

7.5 High

CVSS3

Дефекты

CWE-284