Goi Si Han - Security Researcher - Exploit Intelligence Platform

CVE-2020-35454 WRITEUP MEDIUM WRITEUP

Taidii Diibear - Cleartext Storage

The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to obtain user credentials from an Android backup because of insecure application configuration.

CVSS 6.8

View Code

CVE-2020-35455 WRITEUP HIGH WRITEUP

Taidii Diibear - Cleartext Storage

The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to obtain user credentials from Shared Preferences and the SQLite database because of insecure data storage.

CVSS 7.8

View Code

CVE-2020-35456 WRITEUP MEDIUM WRITEUP

Taidii Diibear - Cleartext Transmission

The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to view private chat messages and media files via logcat because of excessive logging.

CVSS 5.5

View Code