CVE-2021-43512 FlightRadar24's v8.9.0, v8.10.0, v8.10.2, v8.10.3, v8.10.4 for Android can be decompiled and has API keys that can be extracted. These vulnerabilities allow attackers to cause unspecified consequences.

CVE-2021-43512 FlightRadar24's v8.9.0, v8.10.0, v8.10.2, v8.10.3, v8.10.4 for Android can be decompiled and has API keys that can be extracted. These vulnerabilities allow attackers to cause unspecified consequences.

There is also a Cross-Site Request Forgery issue where a malicious user can exploit the web interface of FlightRadar24 to make arbitrary requests to other websites.

CVE-2018-11505 - Remote Code Execution in the Web Interface CVE-2018-11506 - Remote Code Execution in the Web Interface CVE-2018-11507 - Remote Code Execution in the Web Interface CVE-2018-11508 - Remote Code Execution in the Web Interface CVE-2018-11509 - Remote Code Execution in the Web Interface CVE-2018-11510 - Remote Code Execution in the Web Interface CVE-2018-11511 - Remote Code Execution in the Web Interface CVE-2018-11512 - Remote Code Execution in the Web Interface CVE-2018-11513 - Remote Code Execution in the Web Interface CVE-2018-11514 - Remote Code Execution in the Web Interface CVE-2018-11515 - Remote Code Execution in the Web Interface CVE-2018-11516 - Remote Code Execution in the Web Interface CVE-2018-11517 - Remote Code Execution in the Web Interface CVE-2018-11518 - Remote Code Execution in the Web Interface CVE-2018-11519 - Remote Code Execution in the Web Interface CVE-2018-11520 - Remote Code Execution in the Web Interface CVE-2018-11521 - Remote Code Execution in the Web Interface CVE-2018-11522 - Remote Code Execution in the Web Interface CVE-2018-11523 - Remote Code Execution in the Web

Remote Code Execution in the Web Interface

There is also a Remote Code Execution in the Web Interface that was discovered on December 5, 2018.
CVE-2018-11519 - Remote Code Execution in the Web Interface
There is also a Remote Code Execution in the Web Interface that was discovered on December 9, 2018.

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe