NTT Photopt App Man-in-the-Middle Attack Vulnerability

NTT Photopt App is a suite of applications for managing photos from the NTT Nippon Telegraph and Telephone Corporation group in Japan. A security vulnerability exists in NTT Photopt App version 1.0.0 and 1.1.0, which can be exploited by attackers to conduct man-in-the-middle attacks and listen to...

Photopt App fails to verify SSL server certificates

Overview Photopt App provided by NTT Communications Corporation fails to verify SSL server certificates. Yuto Iso reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A man-in-the-middle attack may allow an...