PropertyGuru AgentNet Singapore Hard-Coded Segment Write Key Vulnerability

Vulnerability

A vulnerability exists in the PropertyGuru AgentNet Singapore App for Android, in versions prior to 23.7.10. The issue arises from hard-coded Segment write keys found in the BuildConfig.java file of the com.allproperty.android.agentnet component. This vulnerability allows local attackers to extract the keys through reverse engineering and use them to send arbitrary tracking events or modify user profiles via Segment's API. Such exploitation could inject fraudulent analytics data, corrupt business intelligence, disrupt user segmentation, and misuse downstream systems that rely on this data.

Impact

Exploitation of this vulnerability could lead to unauthorized injection of analytics data, manipulation of user profiles, and potential disruption of business intelligence processes and systems.

Added: Apr 3, 2026, 7:19 AM

Updated: Apr 3, 2026, 7:19 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.6

remediation

0.0

relevance

5.2

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.6

remediation

0.0

relevance

5.2

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

PropertyGuru AgentNet Singapore Hard-Coded Segment Write Key Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating