VYPR

Cloud Smart Lock

by Cloud Smart Lock

CVEs (1)

  • CVE-2024-48548CriOct 24, 2024
    risk 0.60cvss 9.3epss 0.00

    The APK file in Cloud Smart Lock v2.0.1 has a leaked a URL that can call an API for binding physical devices. This vulnerability allows attackers to arbitrarily construct a request to use the app to bind to unknown devices by finding a valid serial number via a bruteforce attack.