Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The APK file in Cloud Smart Lock v2.0.1 has a leaked a URL that can call an API for binding physical devices. This vulnerability allows attackers to arbitrarily construct a request to use the app to bind to unknown devices by finding a valid serial number via a bruteforce attack.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
WeHere Cloud Smart Lock 安全漏洞
Vulnerability Description
WeHere Cloud Smart Lock是WeHere公司的一款智能门锁应用程序。 WeHere Cloud Smart Lock v2.0.1版本存在安全漏洞,该漏洞源于APK文件泄露了一个可调用绑定物理设备API的URL,允许攻击者通过暴力破解找到有效的序列号,任意构造请求以使用该应用绑定到未知设备。
CVSS Information
N/A
Vulnerability Type
N/A