Fortinet Discovers QIWI Protection DLL Preloading Vulnerability
Fortinet's FortiGuard Labs has discovered a DLL preloading vulnerability in QIWI Protection .
QIWI Protection software is designed to increase security when working with the QIWI System. The application allows you to generate a certificate for authorization on QIWI sites and generate authorization data of the person for QIWI Cashier software.
No vendor patch is available.
Fortinet reported the vulnerability to Qiwi on July 18, 2017.
Qiwi confirmed the vulnerability on July 19, 2017.
This vulnerability was discovered by Kushal Arvind Shah of Fortinet's FortiGuard Labs.