CVE-2022-34909

An issue was discovered in the A4N Aremis 4 Nomad application 1.5.0 for Android. It allows SQL Injection, by which an attacker can bypass authentication and retrieve data that is stored in the database...

CVE-2022-34908

An issue was discovered in the A4N Aremis 4 Nomad application 1.5.0 for Android. It possesses an authentication mechanism; however, some features do not require any token or cookie in a request. Therefore, an attacker may send a simple HTTP request to the right endpoint, and obtain authorization ...

CVE-2022-34910

An issue was discovered in the A4N Aremis 4 Nomad application 1.5.0 for Android. It uses a local database to store data and accounts. However, the password is stored in cleartext. Therefore, an attacker can retrieve the passwords of other users that used the same device...

Aremis 4 Nomad SQL注入漏洞

Aremis 4 Nomad A4N is an application from Aremis, Inc. A security vulnerability exists in Aremis 4 Nomad version 1.5.0. An attacker exploited the vulnerability by bypassing authentication and retrieving data stored in the database...

Aremis 4 Nomad 安全漏洞

Aremis 4 Nomad A4N is an application from Aremis, Inc. A security vulnerability exists in Aremis 4 Nomad version 1.5.0 that stems from passwords being stored in plaintext. An attacker exploiting this vulnerability could retrieve the passwords of other users using the same device...