Home
Description
The mobile application insecurely handles information stored within memory. By performing a memory dump on the application after a user has logged out and terminated it, Wi-Fi credentials sent during the pairing process, JWTs used for authentication, and other sensitive details can be retrieved. As a result, an attacker with physical access to the device of a victim can retrieve this information and gain unauthorized access to their home Wi-Fi network and Meatmeet account.
References
github.com/...tion/Sensitive Information-Stored-in-Memory.md
gist.github.com/...nfluence/4dffc239b4a460f41a03345fd8e5feb5
