.jpg)
.jpg)
.gif)
Multiple unpatched vulnerabilities have been discovered in three Android apps that allow a smartphone to be used as a remote keyboard and mouse.
The apps in question are Lazy Mouse, PC Keyboard, and Telepad, which have been cumulatively downloaded over two million times from the Google Play Store. Telepad is no longer available through the app marketplace but can be downloaded from its website.
- Lazy Mouse (com.ahmedaay.lazymouse2 and com.ahmedaay.lazymousepro)
- PC Keyboard (com.beapps.pckeyboard)
- Telepad (com.pinchtools.telepad)
While these apps function by connecting to a server on a desktop and transmitting to it the mouse and keyboard events, the Synopsys Cybersecurity Research Center (CyRC) found as many as seven flaws related to weak or missing authentication, missing authorization, and insecure communication.
The issues (from CVE-2022-45477 through CVE-2022-45483), in a nutshell, could be exploited by a malicious actor to execute arbitrary commands sans authentication or harvest sensitive information by exposing users’ keystrokes in cleartext.
The Lazy Mouse server further suffers from a weak password policy and doesn’t implement rate limiting, enabling remote unauthenticated attackers to trivially brute-force the PIN and execute rogue commands.
It’s worth noting that none of the apps have received any updates for over two years, making it imperative that users remove the apps with immediate effect.
“These three applications are widely used but they are neither maintained nor supported, and evidently, security was not a factor when these applications were developed,” Synopsys security researcher Mohammed Alshehri said.
Unique Visitors
[url=https://hydroxychloroquinetabs.online/]quineprox 750mg[/url]
[url=https://hydroxychloroquinelab.com/]hydroxychloroquine 0.5 mg[/url]
[url=http://prednisone247.com/]prednisone acetate[/url]
[url=https://medrol.cfd/]buy medrol uk[/url]
[url=http://buyclonidine.life/]clonidine for sale[/url]
[url=https://prozactabs.com/]10 mg prozac[/url] [url=https://ataraxd.monster/]atarax cost singapore[/url] [url=https://inderal.fun/]propranolol cost australia[/url] [url=https://tadalafil2023.com/]cialis 800 mg[/url] [url=https://inderal.cfd/]propranolol online australia[/url] [url=https://azithromycinz.shop/]azithromycin online[/url]
[url=http://buytetracycline.monster/]tetracycline pills[/url] [url=http://tetracyclinetabs.online/]buy tetracycline online usa[/url]
[url=https://buykamagra.life/]cheapest kamagra oral jelly online[/url]
[url=https://dexamethasonetab.shop/]dexamethasone 4 mg tablet brand name[/url]
[url=https://clopidogreltabs.online/]plavix generic[/url]
[url=http://allopurinol.life/]allopurinol medicine[/url]
I am a website designer. Recently, I am designing a website template about gate.io. The boss’s requirements are very strange, which makes me very difficult. I have consulted many websites, and later I discovered your blog, which is the style I hope to need. thank you very much. Would you allow me to use your blog style as a reference? thank you!