CVE-2025-65820

Sažetak

An issue was discovered in Meatmeet Android Mobile Application 1.1.2.0. An exported activity can be spawned with the mobile application which opens a hidden page. This page, which is not available through the normal flows of the application, contains several devices which can be added to your account, two of which have not been publicly released. As a result of this vulnerability, the attacker can gain insight into unreleased Meatmeet devices.

Reference

https://gist.github.com/dead1nfluence/4dffc239b4a460f41a03345fd8e5feb5#file-information-disclosure-md
https://github.com/dead1nfluence/Meatmeet-Pro-Vulnerabilities/blob/main/Mobile-Application/Information-Disclosure.md

CVSS

Base:	9.8
Impact:	5.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

17-12-2025 - 20:03

Objavljeno

10-12-2025 - 21:16