Last active
November 22, 2023 05:22
-
-
Save wwwziziyu/7dbf7fd43f9e304ce0819f8a9784d2c6 to your computer and use it in GitHub Desktop.
Mercedes-benz can download repair orders and contract orders at will
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Mercedes me IOS APP unauthorized access to booking maintenance orders | |
| Affected version: APP version <=1.34.0 | |
| Test tool: iPhone 13 pro-ios 16.6.1+Yakit1.2.7 | |
| Vulnerability URL : | |
| We can check other orders by traversing odd numbers | |
| Order information includes 4s shop, owner's phone number, name, model, date and other information |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment