CVE-2017-3215

EPSS 0.9%CWE-613

The Milwaukee ONE-KEY Android mobile application uses bearer tokens with an expiration of one year. This bearer token, in combination with a user_id can be used to perform user actions.

Productos afectados

Milwaukee Tool · ONE-KEY

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://duo.com/blog/bug-hunting-drilling-into-the-internet-of-things-iot