{"id":72686,"date":"2025-10-30T19:45:36","date_gmt":"2025-10-30T16:15:36","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-61117-senza-keto-fasting-android-app-account-takeover-vulnerability\/"},"modified":"2025-10-30T19:45:36","modified_gmt":"2025-10-30T16:15:36","slug":"cve-2025-61117-senza-keto-fasting-android-app-account-takeover-vulnerability","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-61117-senza-keto-fasting-android-app-account-takeover-vulnerability\/","title":{"rendered":"CVE-2025-61117 &#8211; Senza: Keto &amp; Fasting Android App Account Takeover Vulnerability"},"content":{"rendered":"<p>CVE ID : CVE-2025-61117<\/p>\n<p>Published :  Oct. 30, 2025, 4:15 p.m. | 1\u00a0hour, 10\u00a0minutes ago<\/p>\n<p>Description : Senza: Keto &amp; Fasting Android App version 2.10.15 (package name com.gl.senza), developed by Paul Itoi, contains an improper access control vulnerability. By exploiting insufficient checks in user data API endpoints, attackers can obtain authentication tokens and perform account takeover. Successful exploitation could result in unauthorized account access, privacy breaches, and misuse of the platform.<\/p>\n<p>Severity: 0.0 | NA<\/p>\n<p>Visit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-61117 Published : Oct. 30, 2025, 4:15 p.m. | 1\u00a0hour, 10\u00a0minutes ago Description : Senza: Keto &amp; Fasting Android App version 2.10.15 (package name com.gl.senza), developed by Paul Itoi, contains an improper access control vulnerability. By exploiting insufficient checks in user data API endpoints, attackers can obtain authentication tokens and perform account &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-72686","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/72686","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=72686"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/72686\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=72686"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=72686"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=72686"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}