C3R34Lk1Ll3R

Name of the Vulnerable Software and Affected Versions: Oclean Mobile Application version 2.1.2 Description: The Oclean Mobile Application communicates with an external website using HTTP, making it possible to eavesdrop on the network traffic. The content of the HTTP payload is encrypted using XOR with a hardcoded key, which allows for the possibility to decode the traffic. Recommendations: For Oclean Mobile Application version 2.1.2, consider disabling the HTTP communication with the external website until a secure communication protocol, such as HTTPS, is implemented. As a temporary workaround, restrict access to sensitive information transmitted over the network to minimize the risk of exploitation.