Published:2015/09/11  Last Updated:2016/05/27

JVN#04644117
Japan Connected-free Wi-Fi vulnerable to allow URL whitelist bypass

Overview

Japan Connected-free Wi-Fi provided by NTT Broadband Platform, Inc. allows applications to access URLs that are not approved in the whitelist.

Products Affected

  • Japan Connected-free Wi-Fi for Android 1.15.1 and earlier
  • Japan Connected-free Wi-Fi for iOS 1.13.0 and earlier that have not applied the contents update provided on April 26, 2016
[Added on May 27, 2016]
Note that the versions released on July, 2015 did not address the vulnerability completely. Newer firmware versions have been released.

Description

Japan Connected-free Wi-Fi provided by NTT Broadband Platform, Inc. contains an issue where an arbitrary page may be loaded if the application is launched with the URL-scheme.

Impact

Android version of this app may allow an arbitrary API to be executed if permissions to execute that API are granted in the android manifest.
iOS version of this app may allow an arbitrary API to be executed.

Solution

Update the Software
Update to the latest version according to the information provided by the developer.

Vendor Status

Vendor Status Last Update Vendor Notes
NTT Broadband Platform, Inc. Vulnerable 2015/09/11

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

CVSS v2 AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score: 6.8
Access Vector(AV) Local (L) Adjacent Network (A) Network (N)
Access Complexity(AC) High (H) Medium (M) Low (L)
Authentication(Au) Multiple (M) Single (S) None (N)
Confidentiality Impact(C) None (N) Partial (P) Complete (C)
Integrity Impact(I) None (N) Partial (P) Complete (C)
Availability Impact(A) None (N) Partial (P) Complete (C)

Credit

Kenta Suefusa and Tomonori Shiomi of Sprout Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE CVE-2015-5629
JVN iPedia JVNDB-2015-000115

Update History

2016/05/27
Information under "Products Affected" and "Impact" were updated