Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Miele: Vulnerability in cloud service used by appWash
Vulnerability Description
An API Endpoint used by Miele's "AppWash" MobileApp in all versions was vulnerable to an authorization bypass. A low privileged, remote attacker would have been able to gain read and partial write access to other users data by modifying a small part of a HTTP request sent to the API. Reading or changing the password of another user was not possible, thus no impact to Availability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
通过用户控制密钥绕过授权机制
Vulnerability Title
Miele appWash 安全漏洞
Vulnerability Description
Miele appWash是德国Miele公司的一个洗衣房数字化应用程序。 Miele appWash 存在安全漏洞,该漏洞源于使用的API端点都容易被绕过授权检查。攻击者利用该漏洞获得对数据的读写权限。
CVSS Information
N/A
Vulnerability Type
N/A