CVE-2026-5457 | PropertyGuru AgentNet Singapore App up to 23.7.10 on Android com.allproperty.android.agentnet BuildConfig.java SEGMENT_ANDROID_WRITE_KEY/SEGMENT_TOS_WRITE_KEY hard-coded key

A vulnerability was found in PropertyGuru AgentNet Singapore App up to 23.7.10 on Android and classified as problematic. This affects an unknown function of the file com/allproperty/android/agentnet/BuildConfig.java of the component com.allproperty.android.agentnet. The manipulation of the argument SEGMENT_ANDROID_WRITE_KEY/SEGMENT_TOS_WRITE_KEY results in use of hard-coded cryptographic key
.

This vulnerability is cataloged as CVE-2026-5457. The attack must be initiated from a local position. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-5457 | PropertyGuru AgentNet Singapore App up to 23.7.10 on Android com.allproperty.android.agentnet BuildConfig.java SEGMENT_ANDROID_WRITE_KEY/SEGMENT_TOS_WRITE_KEY hard-coded key

Post correlati

CVE-2026-34795 | Endian Firewall 3.3.25 Regular Expression /cgi-bin/logs_log.cgi open Date os command injection

CVE-2024-48461 | TeslaLogger Admin Panel up to 1.59.5 New Journey cross site scripting

CVE-2025-8686 | WP Easy FAQs Plugin up to 1.0.5 on WordPress Shortcode WP_EASY_FAQ cross site scripting

CVE-2024-13893 | Smartwares CIP-37210AT/C724IP up to 3.3.0 Telnet Service default credentials