Home News Security bug in OnePlus Phones leaks users’ information

Security bug in OnePlus Phones leaks users’ information


A critical security vulnerability with OnePlus device’s wallpaper application, Shot on OnePlus, leaks hundreds of the user’s email address and other information. The Shot on OnePlus is an application used to access photos uploaded by the OnePlus users.

The flaw exists in the Application Programming Interface (API), used to host the photos in the device, that facilitates the connectivity between the server and the OnePlus application. The API, which is hosted on open.oneplus.net is insecure and can be accessed by the attackers by exploiting the vulnerability, 9to5Google reported.

The vulnerability can expose the photo details, including photo code, author, email addresses, focal-length, photo topic, uploaded location, and the uploaded time. It’s believed that the app has leaked the details since its release, according to 9to5Google. OnePlus notified the users that the issue was fixed and made changes to its API.

One Plus has often been touted as the flagship killer and the subsidiary of Oppo has always lived up to its name for several reasons including build, cameras, display, the speed with value for money topping it up.  With that in mind the latest outing from the smartphone maker, One Plus 7 Pro, the flagship of flagship killers came loaded with everything you could have ever asked for, but also came with a lofty price the purist fans were not so used to. Nevertheless, the 12 GB version indeed continues to be one of the best One Plus phones to ever roll out. But then, soon after the launch, came the biggest security hindrance.

The One Plus 7 Pro like several other phones is almost bezel-less, has one of the best in class pop out selfie cameras and has an on-screen or under the screen, whichever you prefer calling it, fingerprint unlock. It seems like device security wasn’t always the forte for the brand. The new One Plus 7 Pro is no exception as well.  Days after the phone was launched, someone has managed to hack the fingerprint scanner. And all the One Plus 7 Pro need was a gum fingerprint. The host of the Max Tech video used a hot-glue gun, tinfoil, some white school glue, and made a gum fingerprint to unlock the phone and voila the phone was unlocked. The method is one of the oldest fingerprint hacking technique.