CVE-2017-3215

EPSS 0.9%CWE-613

The Milwaukee ONE-KEY Android mobile application uses bearer tokens with an expiration of one year. This bearer token, in combination with a user_id can be used to perform user actions.

Affected products

Milwaukee Tool · ONE-KEY

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://duo.com/blog/bug-hunting-drilling-into-the-internet-of-things-iot