27 matches found
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection in the Apple MDM profile delivery pipeline. An attacker can access or modify sensitive database contents, such as user credentials, API tokens, and device enrollment secrets, by sending a malicious UDID during the MDM...
CVE-2019-18800
Viber through 11.7.0.5 allows a remote attacker who can capture a victim's internet traffic to steal their Viber account, because not all Viber protocol traffic is encrypted. TCP data packet 9 on port 4244 from the victim's device contains cleartext information such as the device model and OS...
CVE-2020-11015 Device Authentication Vulnerability in thinx-device-api IoT Device Management Server
A vulnerability has been disclosed in thinx-device-api IoT Device Management Server before version 2.5.0. Device MAC address can be spoofed. This means initial registration requests without UDID and spoofed MAC address may pass to create new UDID with same MAC address. Full impact needs to be...
CVE-2020-11015
CVE-2020-11015 affects the thinx-device-api IoT Device Management Server prior to firmware 2.5.0. The root issue allows a spoofed MAC address to bypass UDID checks during initial registration, potentially enabling creation of a new UDID with the same MAC address (noted to apply to ESP8266/ESP32 d...
CVE-2020-11015
A vulnerability has been disclosed in thinx-device-api IoT Device Management Server before version 2.5.0. Device MAC address can be spoofed. This means initial registration requests without UDID and spoofed MAC address may pass to create new UDID with same MAC address. Full impact needs to be...
CVE-2020-11015
A vulnerability has been disclosed in thinx-device-api IoT Device Management Server before version 2.5.0. Device MAC address can be spoofed. This means initial registration requests without UDID and spoofed MAC address may pass to create new UDID with same MAC address. Full impact needs to be...
PT-2020-12495 · Thinx · Thinx-Device-Api
Name of the Vulnerable Software and Affected Versions: thinx-device-api IoT Device Management Server versions prior to 2.5.0 Description: A vulnerability has been disclosed in the thinx-device-api IoT Device Management Server, where the device MAC address can be spoofed. This allows initial...
Design/Logic Flaw
Viber through 11.7.0.5 allows a remote attacker who can capture a victim's internet traffic to steal their Viber account, because not all Viber protocol traffic is encrypted. TCP data packet 9 on port 4244 from the victim's device contains cleartext information such as the device model and OS...
WK UDID v1.0.1 iOS - Command Inject Vulnerability
Document Title: =============== WK UDID v1.0.1 iOS - Command Inject Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1539 Release Date: ============= 2016-05-02 Vulnerability Laboratory ID VL-ID: ==================================== 1539...
WK UDID v1.0.1 iOS - Command Inject Vulnerability
Document Title: =============== WK UDID v1.0.1 iOS - Command Inject Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1539 Release Date: ============= 2016-05-01 Vulnerability Laboratory ID VL-ID: ==================================== 1539...
UDID v1.0 iOS - Persistent Mail Encode Vulnerability
Document Title: =============== UDID v1.0 iOS - Persistent Mail Encode Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1590 Release Date: ============= 2015-09-22 Vulnerability Laboratory ID VL-ID: ==================================== 1590...
UDID v1.0 iOS - Persistent Mail Encode Vulnerability
Document Title: =============== UDID v1.0 iOS - Persistent Mail Encode Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1590 Release Date: ============= 2015-09-22 Vulnerability Laboratory ID VL-ID: ==================================== 1590...
UDID v1.0 iOS - Persistent Mail Encode Vulnerability
Document Title: =============== UDID v1.0 iOS - Persistent Mail Encode Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1590 Release Date: ============= 2015-09-22 Vulnerability Laboratory ID VL-ID: ==================================== 1590...
UDID+ v2.5 iOS - Mail Command Inject Vulnerability
Document Title: =============== UDID+ v2.5 iOS - Mail Command Inject Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1542 Release Date: ============= 2015-07-06 Vulnerability Laboratory ID VL-ID: ==================================== 1542...
UDID+ 2.5 Command Injection
Document Title: =============== UDID+ v2.5 iOS - Mail Command Inject Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1542 Release Date: ============= 2015-07-06 Vulnerability Laboratory ID VL-ID: ==================================== 1542...
WK UDID 1.0.1 Command Injection
Document Title: =============== WK UDID v1.0.1 iOS - Command Inject Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1539 Release Date: ============= 2015-07-01 Vulnerability Laboratory ID VL-ID: ==================================== 1539...
WK UDID 1.0.1 iOS - Command Injection
WK UDID 1.0.1 iOS - Command Injection Document Title: =============== WK UDID v1.0.1 iOS - Command Inject Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1539 Release Date: ============= 2015-07-01 Vulnerability Laboratory ID VL-ID:...
WK UDID v1.0.1 iOS - Command Injection Vulnerability
Exploit for iOS platform in category local exploits Document Title: =============== WK UDID v1.0.1 iOS - Command Inject Vulnerability Product & Service Introduction: =============================== This app offers the opportunity to read device-specific information from your iPhone, iPad or iPod...
WK UDID 1.0.1 iOS - Command Injection
Document Title: =============== WK UDID v1.0.1 iOS - Command Inject Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1539 Release Date: ============= 2015-07-01 Vulnerability Laboratory ID VL-ID: ==================================== 1539...
ManageEngine Desktop Central MSP IOSCheckInServlet UDID Remote Code Execution Vulnerability
Manageengine desktop central is a complete windows client management software that enables remote management of desktop and mobile computers with its remote software installation and configuration options. A remote code execution vulnerability exists in the ManageEngine Desktop Central MSP...