BlackVue App API Handler Vulnerability in Android

Vulnerability

A vulnerability exists in BlackVue App version 3.65 on Android, specifically within the API Handler component's deviceDelete function. This vulnerability allows for the use of the GET request method with sensitive query strings, potentially exposing confidential information. The issue can be exploited remotely, although the attack's complexity is considered high.

Impact

Exploitation of this vulnerability could lead to the exposure of sensitive information through query strings in GET requests.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

BlackVue App API Handler Vulnerability in Android

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating