In net.MCrypt in the "Diary with lock" (aka WriteDiary) application 4.72 for Android, hardcoded SecretKey and iv variables are used for the AES parameters, which makes it easier for attackers to obtain the cleartext of stored diary entries.
https://gist.github.com/anonymous/603b89f864a71426042b167cab557efa
https://1337sec.blogspot.de/2017/10/auditing-writediarycom-cve-2017-15581.html
Source: Mitre, NVD
Published: 2017-10-27
Updated: 2026-06-17
Base Score: 5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N
Severity: Medium
Base Score: 7.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity: High
EPSS: 0.00234