CVE-2023-39736

Published: Oct 25, 2023Modified: Nov 21, 2024

8.2

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Exploitability: 3.9 / Impact: 4.2

Source: NVD

Description

The leakage of the client secret in Fukunaga_memberscard Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages.

Affected (1)

Products: Linecorp: Fukunaga Memberscard

Linecorp

1 product

Fukunaga Memberscard

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Linecorp Fukunaga Memberscard	Version 13.6.1

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39736.md

Source: cve@mitre.org

Exploit

https://liff.line.me/1657606123-4Kp0xVrP

Source: cve@mitre.org

Product

https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39736.md

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

https://liff.line.me/1657606123-4Kp0xVrP

Source: af854a3a-2127-422b-91ae-364da2661108

Product

Timeline

No history available yet.