Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rakuten vulnerabilities and exploits
(subscribe to this query)
7.4
CVSSv3
CVE-2015-2988
Rakuten card App for iOS 5.2.0 up to and including 5.2.4 does not verify SSL certificates which might allow remote malicious users to execute man-in-the-middle attacks.
Rakutencard Rakuten Card 5.2.0
Rakutencard Rakuten Card 5.2.2
Rakutencard Rakuten Card 5.2.4
Rakutencard Rakuten Card 5.2.1
Rakutencard Rakuten Card 5.2.3
9.8
CVSSv3
CVE-2022-29525
Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 uses a hard-coded credential which may allow a remote unauthenticated malicious user to log in with the root privilege and perform an arbitrary operation.
Rakuten Casa Ap F V2 0 0
Rakuten Casa Ap F V1 4 1
7.5
CVSSv3
CVE-2022-26834
Improper access control vulnerability in Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 allows a remote malicious user to obtain the information stored in the product because the product is set to accept HTTP connections from the WAN side by default.
Rakuten Casa Ap F V2 0 0
Rakuten Casa Ap F V1 4 1
7.2
CVSSv3
CVE-2022-28704
Improper access control vulnerability in Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 allows a remote malicious user to log in with the root privilege and perform an arbitrary operation if the product is in its default settings in which is set to accept SSH connections from th...
Rakuten Casa Ap F V2 0 0
Rakuten Casa Ap F V1 4 1
8.8
CVSSv3
CVE-2019-18800
Viber up to and including 11.7.0.5 allows a remote attacker who can capture a victim's internet traffic to steal their Viber account, because not all Viber protocol traffic is encrypted. TCP data packet 9 on port 4244 from the victim's device contains cleartext informat...
Rakuten Viber
5.4
CVSSv3
CVE-2023-40282
Improper authentication vulnerability in Rakuten WiFi Pocket all versions allows a network-adjacent malicious user to log in to the product's Management Screen. As a result, sensitive information may be obtained and/or the settings may be changed.
Rakuten Wifi Pocket Firmware -
7.5
CVSSv3
CVE-2020-14049
Viber for Windows up to 13.2.0.39 does not properly quote its custom URI handler. A malicious website could launch Viber with arbitrary parameters, forcing a victim to send an NTLM authentication request, and either relay the request or capture the hash for offline password crack...
Rakuten Viber
6.5
CVSSv3
CVE-2019-6024
Rakuma App for Android version 7.15.0 and previous versions, and for iOS version 7.16.4 and previous versions allows an malicious user to bypass authentication and obtain the user's authentication information via a malicious application created by the third party.
Rakuten Rakuma
7.8
CVSSv3
CVE-2019-12569
A vulnerability in Viber prior to 10.7.0 for Desktop (Windows) could allow an malicious user to execute arbitrary commands on a targeted system. This vulnerability is due to unsafe search paths used by the application URI. An attacker could exploit this vulnerability by convincin...
Rakuten Viber
5.5
CVSSv3
CVE-2018-3987
An exploitable information disclosure vulnerability exists in the 'Secret Chats' functionality of Rakuten Viber on Android 9.3.0.6. The 'Secret Chats' functionality allows a user to delete all traces of a chat either by using a time trigger or by direct reques...
Rakuten Viber 9.3.0.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »