Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The PhonePe wallet (aka com.PhonePe.app) application 3.0.6 through 3.3.26 for Android might allow attackers to perform Account Takeover attacks by exploiting its Forgot Password feature. NOTE: the vendor says that, to exploit this, the user has to explicitly install a malicious app and provide accessibility permission to the malicious app, that the Android platform provides fair warnings to the users before turning on accessibility for any application, and that it believes it is similar to installing malicious keyboards, or malicious apps taking screenshots
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PhonePe wallet application for Android 安全漏洞
Vulnerability Description
PhonePe wallet(又名com.PhonePe.app)application for Android是印度Phonepe Private公司的一款基于Android平台的无现金支付应用程序。 基于Android平台的PhonePe钱包应用程序3.0.6版本至3.3.26版本中存在安全漏洞。攻击者可借助找回密码功能利用该漏洞控制账户。
CVSS Information
N/A
Vulnerability Type
N/A