CVE-2018-15658

CVE-2018-15658

An issue was discovered in 42Gears SureMDM before 2018-11-27. By visiting the page found at /console/ConsolePage/Master.html, an attacker is able to see the markup that would be presented to an authenticated user. This is caused by the session validation occurring after the initial markup is loaded. This results in a list of unprotected API endpoints that disclose call logs, SMS logs, and user-account data.

Source: CVE-2018-15658

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다