PT-2025-44424 · Unknown · 2Nd Line Android App

Published

2025-10-30

Updated

2025-10-30

CVE-2025-61114

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions 2nd Line Android App versions v1.2.92 and earlier

Description The 2nd Line Android App has an issue with how it controls access during authentication. The server only checks the first character of the user token, which allows attackers to guess valid tokens. If successful, an attacker could access other users' accounts without permission, potentially exposing private information and data.

Recommendations Update the 2nd Line Android App to a version later than v1.2.92.

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

CVE-2025-61114

Affected Products

2Nd Line Android App

PT-2025-44424 · Unknown · 2Nd Line Android App

CVE-2025-61114

Weakness Enumeration

Related Identifiers

Affected Products

References · 3