| 제목 | RICO.COM.VC Rico(br.com.rico.mobile) 4.58.32.12421 Segment Write Key Exposure |
|---|
| 설명 | In the Android application br.com.rico.mobile version 4.58.32.12421, a hardcoded Segment write key was discovered in the source file br/com/rico/mobile/di/SegmentSettingsModule.java. An attacker can extract this key through reverse engineering and use it to send arbitrary tracking events and modify user profiles via Segment’s API. This allows injection of fraudulent analytics data, potentially leading to corrupted business intelligence, incorrect user segmentation, and misuse of downstream systems that rely on this data. |
|---|
| 원천 | ⚠️ https://www.notion.so/Segment-Write-Key-Exposure-Leading-to-Data-Injection-and-User-Profile-Manipulation-In-br-com-rico-mo-3262de3f97fb800a9bfef6e6fd7d7179?source=copy_link |
|---|
| 사용자 | fxizenta (UID 28116) |
|---|
| 제출 | 2026. 03. 17. PM 01:57 (20 날 ago) |
|---|
| 모더레이션 | 2026. 04. 03. AM 12:11 (16 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 355041 [Rico só vantagem pra investir App 까지 4.58.32.12421 켜짐 Android br.com.rico.mobile SegmentSettingsModule.java SEGMENT_WRITE_KEY 약한 암호화] |
|---|
| 포인트들 | 17 |
|---|