Arbitrary Account Password Reset Vulnerability in the Android Version of China Machine Car APP
CAMC APP is an electric vehicle time-share rental program carried out by Beijing CAMC New Energy Vehicle Leasing Co. There is an arbitrary account password reset vulnerability in the Android version of CAMC APP. Attackers can reset the account password by grabbing packets, resulting in account...