CVE-2024-37406
CVE-2024-37406
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.5EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
18 Sep 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In Brave Android prior to v1.67.116, domains in the Brave Shields popup are elided from the right instead of the left, which may lead to domain confusion.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected products
Brave · Android BrowserWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://hackerone.com/reports/2501378