CVE-2022-0732

Summary

The backend infrastructure shared by multiple mobile device monitoring services does not adequately authenticate or authorize API requests, creating an IDOR (Insecure Direct Object Reference) vulnerability.

Affected Software

VendorProductVersion RangeStatus
1ByteCopy9Allaffected
1ByteFoneTrackerAllaffected
1ByteiSpyooAllaffected
1ByteGuestSpyAllaffected
1ByteTheSpyAppAllaffected
1ByteExactSpyAllaffected
1ByteSecondCloneAllaffected
1ByteThe Truth SpyAllaffected
1ByteMxSpyAllaffected

Weaknesses

  • CWE-284: CWE-284 Improper Access Control

ADP Enrichment

CVE Program Container

Additional References

References