Meatmeet Android Mobile Application Information Disclosure Vulnerability

A vulnerability exists in the Meatmeet Android Mobile Application version 1.1.2.0, allowing an exported activity to access a hidden page not available through regular application flows. This page reveals several devices that can be added to the user's account, including two unreleased models. Consequently, an attacker could gain unauthorized knowledge of these unreleased Meatmeet devices.

Impact

Exploitation of this vulnerability could lead to unauthorized access to information about unreleased Meatmeet devices.

Reproduction

To reproduce this vulnerability, an exported activity must be initiated that opens the hidden page containing the device information. This can be done by using a tool or method that exports an activity from the Meatmeet application, which then reveals the hidden page with the device details.