Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2017-16905

Description

The DuoLingo TinyCards application before 1.0 for Android has one use of unencrypted HTTP, which allows remote attackers to spoof content, and consequently achieve remote code execution, via a man-in-the-middle attack.

POC

Reference

No PoCs from references.

Github

- https://github.com/0xsaju/Awesome-Bugbounty-Writeups

- https://github.com/302Found1/Awesome-Writeups

- https://github.com/Fa1c0n35/Awesome-Bugbounty-Writeups

- https://github.com/Hacker-Fighter001/Bug-Bounty-Hunter-Articles

- https://github.com/ImranTheThirdEye/Awesome-Bugbounty-Writeups

- https://github.com/Neelakandan-A/BugBounty_CheatSheet

- https://github.com/Patrikx0x0/Awesome-Bugbounty-Writeups

- https://github.com/Prabirrimi/Awesome-Bugbounty-Writeups

- https://github.com/Prabirrimi/BugBounty_CheatSheet

- https://github.com/Prodrious/writeups

- https://github.com/R3dg0/writeups

- https://github.com/Saidul-M-Khan/Awesome-Bugbounty-Writeups

- https://github.com/Sumit0x00/Android-bug-hunting-reports--Hackerone-

- https://github.com/SunDance29/for-learning

- https://github.com/TheBountyBox/Awesome-Writeups

- https://github.com/VishuGahlyan/Awesome-Bugbounty-Writeups

- https://github.com/abuzafarhaqq/bugBounty

- https://github.com/ajino2k/Awesome-Bugbounty-Writeups

- https://github.com/alexbieber/Bug_Bounty_writeups

- https://github.com/blitz-cmd/Bugbounty-writeups

- https://github.com/bot8080/awesomeBugbounty

- https://github.com/bugrider/devanshbatham-repo

- https://github.com/choudharyrajritu1/Bug_Bounty-POC

- https://github.com/cybershadowvps/Awesome-Bugbounty-Writeups

- https://github.com/dalersinghmti/writeups

- https://github.com/deadcyph3r/Awesome-Collection

- https://github.com/devanshbatham/Awesome-Bugbounty-Writeups

- https://github.com/dipesh259/Writeups

- https://github.com/ducducuc111/Awesome-Bugbounty-Writeups

- https://github.com/fulplan/Awesome-Bugbounty-Writeups

- https://github.com/huynhvanphuc/Mobile-App-Pentest

- https://github.com/kurrishashi/Awesome-Bugbounty-Writeups

- https://github.com/kyawthiha7/Mobile-App-Pentest

- https://github.com/madhukancharla1234/bugbounty

- https://github.com/martintorrespy/Awesome-Bugbounty-Writeups

- https://github.com/piyushimself/Bugbounty_Writeups

- https://github.com/plancoo/Bugbounty_Writeups

- https://github.com/sreechws/Bou_Bounty_Writeups

- https://github.com/webexplo1t/BugBounty

- https://github.com/xbl3/Awesome-Bugbounty-Writeups_devanshbatham