Description
Emmanuel MyDomoAtHome (MDAH) REST API REST API Domoticz ISS Gateway 0.2.40 is affected by an information disclosure vulnerability due to improper access control enforcement. An unauthenticated remote attacker can exploit this, via a specially crafted request to gain access to sensitive information.
References
https://www.exploit-db.com/exploits/47824
ExploitThird Party AdvisoryVDB Entry
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5555.php
ExploitThird Party Advisory
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 · High
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Analyzed
Published
2021-04-29T14:15:09.390
4 years agoLast modified
2021-05-08T04:57:55.657
4 years ago