The user_id and device_id on the Ourphoto App version 1.4.1 /device/* end-points both suffer from insecure direct object reference vulnerabilities. Other end-users user_id and device_id values can be enumerated by incrementing or decrementing id numbers. The impact of this vulnerability allows an attacker to discover sensitive information such as end-user email addresses, and their unique frame_token value of all other Ourphoto App end-users.
Category Archives: Advisories
CVE-2022-24188
The /device/signin end-point for the Ourphoto App version 1.4.1 discloses clear-text password information for functionality within the picture frame devices. The deviceVideoCallPassword and mqttPassword are returned in clear-text. The lack of sessions management and presence of insecure direct object references allows to return password information for other end-users devices. Many of the picture frame devices offer video calling, and it is likely this information can be used to abuse that functionality.
CVE-2022-24189
The user_token authorization header on the Ourphoto App version 1.4.1 /apiv1/* end-points is not implemented properly. Removing the value causes all requests to succeed, bypassing authorization and session management. The impact of this vulnerability allows an attacker POST api calls with other users unique identifiers and enumerate information of all other end-users.
CVE-2022-24190
The /device/acceptBind end-point for Ourphoto App version 1.4.1 does not require authentication or authorization. The user_token header is not implemented or present on this end-point. An attacker can send a request to bind their account to any users picture frame, then send a POST request to accept their own bind request, without the end-users approval or interaction.
USN-5746-1: HarfBuzz vulnerability
Behzad Najjarpour Jabbari discovered that HarfBuzz incorrectly handled
certain inputs. A remote attacker could possibly use this issue to cause
a denial of service.
moodle-3.11.11-1.fc35
FEDORA-2022-cb7084ae1c
Packages in this update:
moodle-3.11.11-1.fc35
Update description:
Fixes for multiple CVEs
moodle-3.11.11-1.fc36
FEDORA-2022-f7fdcb1820
Packages in this update:
moodle-3.11.11-1.fc36
Update description:
Fixes for multiple CVEs
moodle-4.1-1.fc37
FEDORA-2022-74a9c8e95f
Packages in this update:
moodle-4.1-1.fc37
Update description:
Fixes for multiple CVEs
USN-5689-2: Perl vulnerability
USN-5689-1 fixed a vulnerability in Perl.
This update provides the corresponding update for Ubuntu 22.10.
Original advisory details:
It was discovered that Perl incorrectly handled certain signature verification.
An remote attacker could possibly use this issue to bypass signature verification.
CVE-2021-45036
Velneo vClient on its 28.1.3 version, could allow an attacker with knowledge of the victims’s username and hashed password to spoof the victim’s id against the server.