CVE-2022-35734

Summary

'Hulu / フールー' App for Android from version 3.0.47 to the version prior to 3.1.2 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app.

Affected Software

VendorProductVersion RangeStatus
HJ Holdings, Inc.‘Hulu / フールー’ App for Androidfrom version 3.0.47 to the version prior to 3.1.2affected

Weaknesses

  • Use of Hard-coded Credentials

ADP Enrichment

CVE Program Container

Additional References

References