Last active
November 21, 2023 05:12
-
-
Save wwwziziyu/d0ae135b8075f6db735d75135254e7a1 to your computer and use it in GitHub Desktop.
Mercedes me IOS APP has the vulnerability of exceeding the authority to add shopping cart orders and query shopping cart contents
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Vulnerability description: Mercedes me IOS APP has the vulnerability of increasing shopping cart orders and querying shopping cart contents beyond its authority. | |
| An attacker can bypass the APP's authentication mechanism by constructing a specific request to add shopping cart orders and query the contents of the cart as another user. | |
| Since these operations are often subject to strict authentication, such overreach can lead to serious security issues. | |
| In addition, since the shopping cart may contain the user's personal information and sensitive data, such an unauthorized query may lead to the disclosure of the user's privacy. | |
| At the same time, the attacker can also obtain the user's shopping habits and preferences in this way, and further conduct targeted fraud activities. | |
| --------------------------------------------------- | |
| Affected version: APP version <=1.34.0 | |
| ---------------------------------------------------- | |
| Test tool: iPhone 13 Pro-ios 16.6.1+Burp Suite | |
| ---------------------------------------------------- | |
| Vulnerability verification | |
| We can Query the user who just added the cart by changing our default VIN to the Query vulnerability URL | |
| ---------------------------------------------------- | |
| Add: You can view the number of items in your cart without permission | |
| Change the VIN in the request package |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment