Last active
November 22, 2023 05:21
-
-
Save wwwziziyu/6c7df331c9ad82d8d1800733d33e6438 to your computer and use it in GitHub Desktop.
Mercedes me IOS APP unauthorized access to booking maintenance orders
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Mercedes me IOS APP unauthorized access to booking maintenance orders | |
| Affected version: APP version <=1.34.0 | |
| Test tool: iPhone 13 pro-ios 16.6.1+Yakit1.2.7 | |
| Vulnerability URL : | |
| We can check other orders by traversing odd numbers | |
| Order information includes 4s shop, owner's phone number, name, model, date and other information |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment