Questions Chat & Ask AI by Codeway 400M Database Leak
- Thread starter
- Thread Author
- #1
So this app "Chat & Ask AI by Codeway" was apperantly had open firebase or whatever db and covertteam's firehound tool caught it ( in here You must be logged in to see this link.) Theres supposed to be data for 18M users and stuff. The app or rulesets for the db or whatever has been fixed already. However this exploit has been available for years and it hasnt been fixed instantly after the public announcement (You must be logged in to see this link.).
Update:
After analyzing the situation manually myself I have realized that they have fixed access rules for the DB and auth but as for the storage its still wide open, you can literally access anything thats been uploaded by 18m+ users. Although it's not useful for anyone I guess.
Chat & Ask AI by Codeway" was apperantly had open firebase or whatever db and covertteam's firehound tool caught it ( in here You must be logged in to see this link.) Theres supposed to be data for 18M users and stuff. The app or rulesets for the db or whatever has been fixed already. However this exploit has been available for years and it hasnt been fixed instantly after the public announcement (You must be logged in to see this link.).
So I am wondering if anyone has downloaded this data or if anyone has seen it shared anywhere? Any knowledge is appreciated.
Update:After analyzing the situation manually myself I have realized that they have fixed access rules for the DB and auth but as for the storage its still wide open, you can literally access anything thats been uploaded by 18m+ users. Although it's not useful for anyone I guess.
Last edited: