CVE-2024-49419

Summary

Insufficient verification of url authenticity in GamingHub prior to version 6.1.03.4 in Korea, 7.1.02.4 in Global allows remote attackers to load an arbitrary URL in its webview.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileGamingHub6.1.03.4 in Korea, 7.1.02.4 in Globalunaffected

Weaknesses

  • CWE-20: Improper Input Validation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References