15 matches found
CVE-2025-3646
Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an authorization bypass vulnerability that allows unauthorized users to add users as shared owners to any device by exploiting missing permission checks. Attackers can send requests to the device share API to gain unauthorized acce...
CVE-2025-3653
Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an improper access control vulnerability that allows unauthorized device manipulation by accepting arbitrary serial numbers without ownership verification. Attackers can control any device by sending serial numbers to device contro...
CVE-2025-3660
Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains a broken access control vulnerability that allows authenticated users to access other users' pet data by exploiting missing ownership verification. Attackers can send requests to /member/pet/detailV2 with arbitrary pet IDs to...
CVE-2025-3652
Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an information disclosure vulnerability that allows unauthorized access to private audio recordings by exploiting sequential audio IDs and insecure assignment endpoints. Attackers can send requests to /device/deviceAudio/use with...
Petlibro Smart Pet Feeder Platform 安全漏洞
Petlibro Smart Pet Feeder Platform is a smart pet management system from Petlibro. A security vulnerability exists in Petlibro Smart Pet Feeder Platform version 1.7.31 and earlier, which stems from a flaw in OAuth token authentication that could lead to authentication bypass...
Petlibro Smart Pet Feeder Platform 安全漏洞
Petlibro Smart Pet Feeder Platform is a smart pet management system from Petlibro. A security vulnerability exists in Petlibro Smart Pet Feeder Platform version 1.7.31 and earlier, which stems from an insecure API endpoint that could lead to information disclosure...
Petlibro Smart Pet Feeder Platform 安全漏洞
Petlibro Smart Pet Feeder Platform is a smart pet management system from Petlibro. A security vulnerability exists in Petlibro Smart Pet Feeder Platform version 1.7.31 and earlier, which stems from a sequential audio ID and an insecurely assigned endpoint that could lead to unauthorized access to...
Petlibro Smart Pet Feeder Platform 安全漏洞
Petlibro Smart Pet Feeder Platform is a smart pet management system from Petlibro. A security vulnerability exists in Petlibro Smart Pet Feeder Platform version 1.7.31 and earlier, which stems from a lack of ownership validation and could lead to accessing other users' pet data...
Petlibro Smart Pet Feeder Platform 安全漏洞
Petlibro Smart Pet Feeder Platform is a smart pet management system from Petlibro. A security vulnerability exists in Petlibro Smart Pet Feeder Platform version 1.7.31 and earlier, which stems from improper access control and could lead to unauthorized device manipulation...
CVE-2025-3654
Petlibro Smart Pet Feeder Platform (vulnerable up to 1.7.31) exposes an information disclosure via insecure API endpoint /device/devicePetRelation/getBoundDevices. Attackers can retrieve device hardware identifiers (serial numbers, MAC addresses) by supplying a pet ID, potentially enabling unauth...
CVE-2025-3652 Petlibro Smart Pet Feeder Platform through 1.7.31 Audio Information Disclosure via API endpoint
Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an information disclosure vulnerability that allows unauthorized access to private audio recordings by exploiting sequential audio IDs and insecure assignment endpoints. Attackers can send requests to /device/deviceAudio/use with...
CVE-2025-3653 Petlibro Smart Pet Feeder through 1.7.31 Platform Improper Access Control via API endpoint
Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an improper access control vulnerability that allows unauthorized device manipulation by accepting arbitrary serial numbers without ownership verification. Attackers can control any device by sending serial numbers to device contro...
CVE-2025-3646 Petlibro Smart Pet Feeder Platform through 1.7.31 Authorization Bypass via Device Share API
Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an authorization bypass vulnerability that allows unauthorized users to add users as shared owners to any device by exploiting missing permission checks. Attackers can send requests to the device share API to gain unauthorized acce...
CVE-2025-15115 Petlibro Smart Pet Feeder Platform through 1.7.31 Authentication Bypass via API endpoint
Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an authentication bypass vulnerability that allows unauthenticated attackers to access any user account by exploiting OAuth token validation flaws in the social login system. Attackers can send requests to /member/auth/thirdLogin...
PT-2026-1183
Name of the Vulnerable Software and Affected Versions Petlibro Smart Pet Feeder Platform versions up to 1.7.31 Description An access control issue exists in the Petlibro Smart Pet Feeder Platform that allows authorized users to view data belonging to other users. This occurs because of a lack of...