0-day
5 posts
Ovice.in XSS based unsafe token theft and elevated authority 0-day Vulnerability Report

Attack Type: XSS, Weak algorithm, Hardcoded credentials. Attack Effect: Security Check Bypass, Privilege Escalation. Found Location: It is a related page that proceeds with token management when logging in to the initial account. It can be seen that data of the App object, which is a window object sub-attribute, is managed. The object deals with the data type, which is used as a branch to conduct socket communication suitable for the authority. Authority management for the user is performed, and the…

August 01, 2022
0-day
Ovice.in Picket Static Object XSS 0-day Vulnerability Report

Attack Type: XSS, Weak algorithm. Attack Effect: Security Check Bypass, Privilege Escalation. Found Location: Users with administrative authority have the authority to create static objects. A exists in a Statistic Object. provide a variety of contents using the editor function. An API is called when installing a static object. When clicking on the installed static object, an API is called. When modifying the installed static object, an API is called. Attack Point: If you have a user account who has pe…

August 01, 2022
0-day
Spatial.io Application Level DOS attack based on Pro Feature 0-day vulnerability report

Attack Type: Client Side Code Injection, Application-Level Denial-of-Service (DoS), App Crash, Malformed Android Intents. Attack Effect: Application Level DOS. Due to the Application Level DoS attack, normal functions operate the service abnormally, resulting in financial losses and time value investment, while reducing the reliability of the company. Vulnerability Detected Location: index.android.bundle Congregate Around Actor feature Respawn Other In Host spots feature iL2cpp.so SessionRPC Attack Poi…

July 12, 2022
0-day
Spatial.io Commercial Service Feature Bypass 0-day Vulnerability Report

Overview: During last year’s research, we conducted vulnerability analysis targeting metaverse-based commercial platforms. From that work, we would like to share some of the vulnerabilities that have been reported to the target company and for which time has since passed. When you think of the real metaverse as a category, you can see that it gathers all technologies in one place, working in harmony. Among them, based on mobile and VR equipment, you will feel closer to the three major elements of the metaver…

July 10, 2022
0-day
Gather.town Portal feature SandBox Escape RCE 0-day Vulnerability Report

Overview: During last year’s research, we conducted vulnerability analysis targeting metaverse-based commercial platforms. From that work, we would like to share some of the vulnerabilities that have been reported to the target company and for which time has since passed. When you think of the real metaverse as a category, you can see that it gathers all technologies in one place, working in harmony. Among them, based on mobile and VR equipment, you will feel closer to the three major elements of the metaver…

July 01, 2022
0-day