Unrated severityNVD Advisory· Published Feb 24, 2022· Updated Sep 16, 2024

CVE-2022-0732

Description

The backend infrastructure shared by multiple mobile device monitoring services does not adequately authenticate or authorize API requests, creating an IDOR (Insecure Direct Object Reference) vulnerability.

Affected products

1byte/Guestspyv5
Range: All
1byte/Fonetrackerv5
Range: All

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

kb.cert.org/vuls/id/229438mitrethird-party-advisoryx_refsource_CERT-VN
www.kb.cert.org/vuls/id/229438mitrethird-party-advisoryx_refsource_CERT-VN
cwe.mitre.org/data/definitions/284.htmlmitrex_refsource_MISC
techcrunch.com/2022/02/22/stalkerware-network-spilling-data/mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000