Services

IoT Security Testing Red Team Assessment Product Security AI/ML Security Audit Web Security Testing

Mobile Security Testing DevSecOps Consulting Code Review Cloud Security Critical Infrastructure

Products

EXPLIoT

EXPLIoT is framework for IoT security testing
and exploitation.

CloudFuzz

CloudFuzz is platform that lets you code for bugs
by running your software with millions of test cases.

Who we are

About Us Payatu Bandits

Resources

Blogs MasterClass Series Case Studies E-Books New Advisory Media

Tools

securecode.wiki New

Pune Location Europe Location

Technical
Advisory

Through sharp, technical and insightful analysis, the Payatu Team is constantly on the lookout for vulnerabilities and threats. This section exhibits a few of our findings.

Vulnerability

Opera Mini Location Permission Spoof Vulnerability

Vulnerability Description

A location permission spoof vulnerability was discovered in opera mini 47.1.2249.129326 for Android which allows an attacker to spoof location permission dialog box origined from attackers website while being on any legit website.

CVE ID

CVE-2018-16135

Vendor

https://www.opera.com/

Disclosure Timeline

02 August 2018 - Reported to vendor

18 August 2018 - Patch confimration received from vendor

Credits

Nikhil Mittal

Advisory

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16135

Technical Advisory