exploitDog

CVE-2023-3066

Опубликовано: 05 июн. 2023

Источник: nvd

CVSS3: 8.1

EPSS Низкий

Описание

Incorrect Authorization vulnerability in Mobatime mobile application AMXGT100 allows a low-privileged user to impersonate anyone else, including administratorsThis issue affects Mobatime mobile application AMXGT100: through 1.3.20.

Ссылки

https://borelenzo.github.io/stuff/2023/06/02/cve-2023-3064_65_66.html
Exploit
Third Party Advisory
https://borelenzo.github.io/stuff/2023/06/02/cve-2023-3064_65_66.html
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mobatime:amxgt_100:*:*:*:*:*:android:*:*

Версия до 1.3.20 (включая)

EPSS

Процентиль: 21%

0.00069

Низкий

8.1 High

CVSS3

Дефекты

CWE-863

CWE-639

Связанные уязвимости

GHSA-8jvm-2mxj-236c

CVSS3: 8.1

github

больше 2 лет назад

Incorrect Authorization vulnerability in Mobatime mobile application AMXGT100 allows a low-privileged user to impersonate anyone else, including administratorsThis issue affects Mobatime mobile application AMXGT100: through 1.3.20.

EPSS

Процентиль: 21%

0.00069

Низкий

8.1 High

CVSS3

Дефекты

CWE-863

CWE-639