Whatsapp iOS 2.19.80 and prior and Android 2.19.222 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/166448/RTLO-Injection-URI-Spoofing.html | Exploit Third Party Advisory VDB Entry |
https://github.com/zadewg/RIUS | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
30 Mar 2022, 14:56
Type | Values Removed | Values Added |
---|---|---|
First Time |
Whatsapp
Whatsapp whatsapp |
|
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 6.5 |
CPE | cpe:2.3:a:whatsapp:whatsapp:*:*:*:*:*:android:*:* cpe:2.3:a:whatsapp:whatsapp:*:*:*:*:*:iphone_os:*:* |
|
References | (MISC) https://github.com/zadewg/RIUS - Exploit, Third Party Advisory | |
References | (MISC) http://packetstormsecurity.com/files/166448/RTLO-Injection-URI-Spoofing.html - Exploit, Third Party Advisory, VDB Entry | |
CWE | NVD-CWE-Other |
25 Mar 2022, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
23 Mar 2022, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-03-23 22:15
Updated : 2023-12-10 14:22
NVD link : CVE-2020-20096
Mitre link : CVE-2020-20096
CVE.ORG link : CVE-2020-20096
JSON object : View
Products Affected
CWE