Exploitation Summary
EIP tracks 1 public exploit for CVE-2021-24027. PoCs published by CENSUS.
AI-analyzed exploit summary This repository contains a functional exploit PoC for CVE-2021-24027, leveraging Man-in-the-Disk (MitD) and Man-in-the-Middle (MitM) techniques to exploit WhatsApp for Android. The exploit uses Frida to hook WhatsApp, send phishing messages, and exfiltrate session files via an HTTP server.
Description
A cache configuration issue prior to WhatsApp for Android v2.21.4.18 and WhatsApp Business for Android v2.21.4.18 may have allowed a third party with access to the device’s external storage to read cached TLS material.
Exploits (1)
This repository contains a functional exploit PoC for CVE-2021-24027, leveraging Man-in-the-Disk (MitD) and Man-in-the-Middle (MitM) techniques to exploit WhatsApp for Android. The exploit uses Frida to hook WhatsApp, send phishing messages, and exfiltrate session files via an HTTP server.
References (1)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N