漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Miele: Vulnerability in cloud service used by appWash
Vulnerability Description
An API Endpoint used by Miele's "AppWash" MobileApp in all versions was vulnerable to an authorization bypass. A low privileged, remote attacker would have been able to gain read and partial write access to other users data by modifying a small part of a HTTP request sent to the API. Reading or changing the password of another user was not possible, thus no impact to Availability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
通过用户控制密钥绕过授权机制
Vulnerability Title
Miele appWash 安全漏洞
Vulnerability Description
Miele appWash是德国Miele公司的一个洗衣房数字化应用程序。 Miele appWash 存在安全漏洞,该漏洞源于使用的API端点都容易被绕过授权检查。攻击者利用该漏洞获得对数据的读写权限。
CVSS Information
N/A
Vulnerability Type
N/A