| Título | PropertyGuru AgentNet Singapore(com.allproperty.android.agentnet) 23.7.10 Segment Write Key Exposure |
|---|
| Descrição | In the Android application com.allproperty.android.agentnet version 23.7.10, two hardcoded Segment write keys were discovered in the source file com/allproperty/android/agentnet/BuildConfig.java. An attacker can extract these keys through reverse engineering and use it to send arbitrary tracking events and modify user profiles via Segment’s API. This allows injection of fraudulent analytics data, potentially leading to corrupted business intelligence, incorrect user segmentation, and misuse of downstream systems that rely on this data. |
|---|
| Fonte | ⚠️ https://www.notion.so/Segment-Write-Key-Exposure-Leading-to-Data-Injection-and-User-Profile-Manipulation-In-com-allpropert-3262de3f97fb80b5aa5ae52475bf155e?source=copy_link |
|---|
| Utilizador | fxizenta (UID 28116) |
|---|
| Submissão | 17/03/2026 14h12 (há 20 dias) |
|---|
| Moderação | 03/04/2026 00h22 (16 days later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 355045 [PropertyGuru AgentNet Singapore App até 23.7.10 em Android com.allproperty.android.agentnet BuildConfig.java SEGMENT_ANDROID_WRITE_KEY/SEGMENT_TOS_WRITE_KEY Encriptação fraca] |
|---|
| Pontos | 17 |
|---|