CNNVD-202510-4205 Information

CNNVD ID

CNNVD-202510-4205

Related CVE

CVE-2025-61114

• CNNVD Published: 2025-10-30

Description (Chinese)

AutoBizLine 2nd Line Android App是美国AutoBizLine公司的一个手机通讯应用。 AutoBizLine 2nd Line Android App v1.2.92及之前版本存在安全漏洞，该漏洞源于身份验证机制存在访问控制不当，服务器仅验证user_token首字符，可能导致暴力破解令牌和未经授权访问用户数据。

Description (English)

AutoBizLine 2nd Line Android App is a mobile phone communication application for AutoBizLine in the United States. The security gap in AutoBizLine 2nd Line Android App v1.2.92 and earlier versions stems from the inappropriate access controls of the authentication mechanism and the fact that the server validates only the first characters of the user token, which can lead to violent deciphering of tokens and unauthorized access to user data.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

AutoBizLine

Published

2025-10-30

Last Modified

2026-02-24

References

https://kar1oz.notion.site/2nd-Line-2629a473ecb280739ecac2d316da666c https://access.redhat.com/security/cve/cve-2025-61114