IDOR Vulnerability Exposes Backend Infrastructure of Mobile Device Monitoring Services

IDOR Vulnerability Exposes Backend Infrastructure of Mobile Device Monitoring Services

CVE-2022-0732 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

The backend infrastructure shared by multiple mobile device monitoring services does not adequately authenticate or authorize API requests, creating an IDOR (Insecure Direct Object Reference) vulnerability.

Learn more about our Api Penetration Testing.