High severity7.5NVD Advisory· Published Oct 27, 2017· Updated May 13, 2026

CVE-2017-15582

Description

In net.MCrypt in the "Diary with lock" (aka WriteDiary) application 4.72 for Android, hardcoded SecretKey and iv variables are used for the AES parameters, which makes it easier for attackers to obtain the cleartext of stored diary entries.

Affected products

Writediary/Diary With Lock
cpe:2.3:a:writediary:diary_with_lock:4.72:*:*:*:*:android:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1337sec.blogspot.de/2017/10/auditing-writediarycom-cve-2017-15581.htmlnvdIssue TrackingThird Party Advisory
gist.github.com/anonymous/603b89f864a71426042b167cab557efanvdIssue TrackingThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000