IDOR Vulnerability Exposes Backend Infrastructure of Mobile Device Monitoring Services
CVE-2022-0732 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
The backend infrastructure shared by multiple mobile device monitoring services does not adequately authenticate or authorize API requests, creating an IDOR (Insecure Direct Object Reference) vulnerability.
Learn more about our Api Penetration Testing.