Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Taipower|Taipower APP(Android) - Improper Certificate Validation
Vulnerability Description
Taipower APP for Andorid developed by Taipower has an Improper Certificate Validation vulnerability. When establishing an HTTPS connection with the server, the application fails to verify the server-side TLS/SSL certificate. This flaw allows an unauthenticated remote attackers to exploit the vulnerability to perform a Man-in-the-Middle (MITM) attack to read and tamper with network packets.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
Vulnerability Type
证书验证不恰当
Vulnerability Title
Taipower APP 信任管理问题漏洞
Vulnerability Description
Taipower APP是中国台湾Taipower公司的一款用于办理电力相关服务的应用。 Taipower APP存在信任管理问题漏洞,该漏洞源于证书验证不当,可能导致中间人攻击。
CVSS Information
N/A
Vulnerability Type
N/A