Remote Listening Vulnerability in Wokka Lokka Q50 Devices

Remote Listening Vulnerability in Wokka Lokka Q50 Devices

CVE-2021-44480 · HIGH Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Wokka Lokka Q50 devices through 2021-11-30 allow remote attackers (who know the SIM phone number and password) to listen to a device's surroundings via a callback in an SMS command, as demonstrated by the 123456 and 523681 default passwords.

Learn more about our Web Application Penetration Testing UK.