Unauthorized Access to Device IMEI and Serial Number in Waterplugin prior to 2.2.11.22040751

Unauthorized Access to Device IMEI and Serial Number in Waterplugin prior to 2.2.11.22040751

CVE-2022-36874 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Improper Handling of Insufficient Permissions or Privileges vulnerability in Waterplugin prior to 2.2.11.22040751 allows attacker to access device IMEI and Serial number.

Learn more about our Web Application Penetration Testing UK.