Consumer Comanda Mobile Restaurant Order Handler Cleartext Transmission Vulnerability

Vulnerability

A vulnerability allowing cleartext transmission of sensitive information has been identified in Consumer Comanda Mobile versions prior to 14.9.3.2 and 15.0.0.8. This issue affects the Restaurant Order Handler component, where the Login/Password argument can be manipulated to transmit sensitive data unencrypted. The vulnerability can only be exploited within the local network, and the complexity of the attack is considered high.

Impact

Exploitation of this vulnerability leads to the unencrypted transmission of sensitive information, specifically login credentials, which could be intercepted by an attacker on the same local network.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.0

exploitability

6.2

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.0

exploitability

6.2

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Consumer Comanda Mobile Restaurant Order Handler Cleartext Transmission Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating