Critical IDOR - Get anyone's Terminal Data remotely
Unknown
Vulnerability Details
Hello Team,
I have found a critical IDOR using which an attacker can get anyone's terminal data remotely by just changing the terminal/gatekeeper id.
Proof of Concept: Please find the attached screenshots.
Best Regards,
Hely H. Shah
Actions
View on HackerOneReport Stats
- Report ID: 120289
- State: Closed
- Substate: resolved
- Upvotes: 3