ID HACKAPP:DJI.GO.V4.APK
Type hackapp
Reporter Hackapp.org
Modified 2017-06-14T14:36:33
Description
HackApp vulnerability scanner discovered that application DJI GO 4--For drones since P4 published at the 'play' market has multiple vulnerabilities.
{"id": "HACKAPP:DJI.GO.V4.APK", "bulletinFamily": "software", "title": "DJI GO 4--For drones since P4 - Certificates or keys found, Corrupted files, Exported ContentProvider vulnerabilities", "description": "HackApp vulnerability scanner discovered that application DJI GO 4--For drones since P4 published at the 'play' market has multiple vulnerabilities.", "published": "2017-06-14T14:36:33", "modified": "2017-06-14T14:36:33", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://hackapp.com/report/893d52c358968700e6d788818bd43f62", "reporter": "Hackapp.org", "references": ["https://play.google.com/store/apps/details?id=dji.go.v4&hl=en"], "cvelist": [], "type": "hackapp", "lastseen": "2018-08-02T15:59:11", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "d70ef6d15a30013384004d6aeb9d3de4"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "description", "hash": "7ede2d7066b3c8646a9924bd2b328cdf"}, {"key": "hackapp", "hash": "d460a5b0aad1e5fec2e28ebffb96544b"}, {"key": "href", "hash": "1186cb03a0f01b876db5b913a185f98d"}, {"key": "modified", "hash": "3cae66ade52eeb0a393bbc2cafc9e752"}, {"key": "published", "hash": "3cae66ade52eeb0a393bbc2cafc9e752"}, {"key": "references", "hash": "d1a2f1dd74b5c9f70d9f68f8e66843ec"}, {"key": "reporter", "hash": "3b012aae1848bb95fe11f3cebae83cb0"}, {"key": "title", "hash": "328c8e0a1650054bcdb94bb0955e25df"}, {"key": "type", "hash": "96e87ef1fcc8d9d3cdd337488987c423"}], "hash": "474e83a2cdb244c09456230a759722698fc08605febc997825559a70327dc988", "viewCount": 0, "enchantments": {"score": {"value": 5.0, "vector": "NONE", "modified": "2018-08-02T15:59:11"}, "vulnersScore": 5.0}, "objectVersion": "1.3", "affectedSoftware": [{"name": "DJI GO 4--For drones since P4", "operator": "le", "version": "N/A"}], "hackapp": {"apk": "DJI.GO.V4.APK", "bugs": [{"description": "Exported ContentProvider is available to other apps.", "id": "51663598e5bfc155e785b28c821df1e4", "name": "Exported ContentProvider", "severity": "critical"}, {"description": "These credentials could be used for authentication.", "id": "19735f3de1ee01e14f41131f5120e012", "name": "Certificates or keys found", "severity": "medium"}, {"description": "Are you sure these files should be here?", "id": "001c38af6afc765c5293659fd98311f7", "name": "Suspicious files", "severity": "notice"}, {"description": "Can't parse these files. Corrupted? Check manually.", "id": "149ec4d0973c1e2c73f90c1b6e49fe75", "name": "Corrupted files", "severity": "notice"}, {"description": "Other applications could access the interfaces.", "id": "05b1fbb1325e524e8004df708bd77a71", "name": "Exported components", "severity": "medium"}, {"description": "Native code (.so) usage 'System.loadLibrary();' is found.", "id": "5156440eeb5ce6e3a6fb7adf3bfec1e3", "name": "Native code usage", "severity": "notice"}, {"description": "All items deleted with 'file.delete()' could be recovered.", "id": "6edc5a0809c2d13e1e709041819d4490", "name": "Unsafe deleting", "severity": "notice"}], "icon": "http://lh3.googleusercontent.com/ffJuQTaGs2aCLPDBxWslRHs9J77eDNJygOpZrUx0gtTTV0OLopmxp9s6N-P9ozJafl6a=w300", "link": "https://play.google.com/store/apps/details?id=dji.go.v4&hl=en", "name": "DJI GO 4--For drones since P4", "release": "2017-06-01T00:00:00", "store": "play", "vendor": "DJI TECHNOLOGY CO., LTD", "version": "N/A"}}
{}
