CVE-2020-16170
CVE-2020-16170,CVSS 8.2, arises from hard-coded Agora App ID in temi RoboX/phone apps, enabling brute-force joining of any ongoing tema calls by iterating channel IDs (six-digit session IDs). Root cause: App ID embedded in client code; lack of token protection for channel. Exploitation demonstrat...