shinyColumn/CVE-2025-46408

Releases0

Stars1

Improper Hostname Verification in EagleEyes Lite Android Application

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-46408 ↗	Sep 15, 2025Monday, 15 September 2025, 14:15	9.8 CRITICAL	—
An issue was discovered in the methods push.lite.avtech.com.AvtechLib.GetHttpsResponse and push.lite.avtech.com.Push_HttpService.getNewHttpClient in AVTECH EagleEyes 2.0.0. The methods set ALLOW_ALL_HOSTNAME_VERIFIER, bypassing domain validation.