MidnightBSD

Advisories for 1byte

CVE-2022-0732 MEDIUM

The backend infrastructure shared by multiple mobile device monitoring services does not adequately authenticate or authorize API requests, creating an IDOR (Insecure Direct Object Reference) vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,CWE-639,

Products Affected

Vendor Product Version
1byte fonetracker -
1byte copy9 -
1byte mxspy -
1byte thespyapp -
1byte ispyoo -
1byte exactspy -
1byte secondclone -
1byte the_truth_spy -
1byte guestspy -