CVE-2017-3215

EPSS 0.9%CWE-613

The Milwaukee ONE-KEY Android mobile application uses bearer tokens with an expiration of one year. This bearer token, in combination with a user_id can be used to perform user actions.

Produtos afetados

Milwaukee Tool · ONE-KEY

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://duo.com/blog/bug-hunting-drilling-into-the-internet-of-things-iot