exploitDog

GHSA-rx38-xpj5-528c

Опубликовано: 21 июл. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

The main MiCODUS MV720 GPS tracker web server has an authenticated insecure direct object references vulnerability on endpoint and POST parameter “Device ID,” which accepts arbitrary device IDs.

The main MiCODUS MV720 GPS tracker web server has an authenticated insecure direct object references vulnerability on endpoint and POST parameter “Device ID,” which accepts arbitrary device IDs.

Ссылки

EPSS

Процентиль: 35%

0.00145

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-639

Связанные уязвимости

CVE-2022-33944

CVSS3: 6.5

nvd

больше 3 лет назад

The main MiCODUS MV720 GPS tracker web server has an authenticated insecure direct object references vulnerability on endpoint and POST parameter “Device ID,” which accepts arbitrary device IDs.

EPSS

Процентиль: 35%

0.00145

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-639