Clear-text Password Disclosure in Ourphoto App Version 1.4.1: Exploiting Insecure Direct Object References for Unauthorized Access

Clear-text Password Disclosure in Ourphoto App Version 1.4.1: Exploiting Insecure Direct Object References for Unauthorized Access

CVE-2022-24188 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

The /device/signin end-point for the Ourphoto App version 1.4.1 discloses clear-text password information for functionality within the picture frame devices. The deviceVideoCallPassword and mqttPassword are returned in clear-text. The lack of sessions management and presence of insecure direct object references allows to return password information for other end-users devices. Many of the picture frame devices offer video calling, and it is likely this information can be used to abuse that functionality.

Learn more about our User Device Pen Test.