cvedb.io
CVE-2017-15581
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2017-10-27T20:29:00.857 · Last modified 2026-06-17T01:07:54.967

Summary

In the "Diary with lock" (aka WriteDiary) application 4.72 for Android, neither HTTPS nor other encryption is used for transmitting data, despite the documentation that the product is intended for "a personal journal of ... secrets and feelings," which allows remote attackers to obtain sensitive information by sniffing the network during LoginActivity or NoteActivity execution.

Affected products

writediary — diary_with_lock

Does this affect you?

Add your gear to cvedb and we'll alert you only when writediary ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.