CNNVD-202508-048 Information

CNNVD ID

CNNVD-202508-048

Related CVE

CVE-2025-46018

• CNNVD Published: 2025-08-01

Description (Chinese)

Opay Mobile application是Opay公司的一个轻量级应用程序。用于管理所有银行或支付需求。 Opay Mobile application 2.19.4版本存在安全漏洞，该漏洞源于允许用户在交易特定时刻通过禁用蓝牙绕过支付授权，可能导致未经授权使用洗衣服务和财务损失。

Description (English)

Opay Mobile Application is a lightweight application for Opay. To manage all bank or payment requirements. There is a security loophole in version 2.19.4 of Opay Mobile Application, which arises out of the possibility that unauthorized use of laundry services and financial losses may result from allowing users to circumvent payment authorizations by banning the use of bluetooth at a given point in the transaction.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Opay

Published

2025-08-01

Last Modified

2026-02-24

References

https://github.com/niranjangaire1995/CVE-2025-46018-CSC-Pay-Mobile-App-Payment-Authentication-Bypass https://www.cscsw.com/disclosure-process/ https://access.redhat.com/security/cve/cve-2025-46018