CVE-2024-49418

Summary

Insufficient verification of url authenticity in GamingHub prior to version 6.1.03.4 in Korea, 7.1.02.4 in Global allows remote attackers to enable JavaScript in its webview.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileGamingHub6.1.03.4 in Korea, 7.1.02.4 in Globalunaffected

Weaknesses

  • CWE-20: Improper Input Validation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References