China Telecom WingPay Android client gesture lock has design flaws

Wing Pay is a mobile payment service launched by China Telecom. A design vulnerability exists in the gesture lock of the Wing Pay Android client. By exploiting the vulnerability, an attacker can bypass the gesture lock security mechanism of the Wing Pay Android client and obtain users' private...

China Telecom's Wing Pay App Has Multiple Vulnerabilities

Wing Pay is the business brand of China Telecom that operates payment and internet finance. Wing Pay APP 3.9.6 has multiple security vulnerabilities, including: global file read/write vulnerability; configuration file read/write vulnerability; trust arbitrary security certificate vulnerability;...