CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-6913

A session hijacking vulnerability has been detected in the Imou Life application affecting version 6.7.0. This vulnerability could allow an attacker to hijack user accounts due to the QR code functionality not properly filtering codes when scanning a new device and directly running WebView without prompting or displaying it to the user. This vulnerability could trigger phishing attacks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 22.4%

CVSS Severity

CVSS v3 Score 8.1

References

https://www.incibe.es/en/incibe-cert/notices/aviso/session-hijacking-imou-life-app
https://www.incibe.es/en/incibe-cert/notices/aviso/session-hijacking-imou-life-app

Products affected by CVE-2023-6913

Imoulife » Imou Life » Version: 6.7.0

cpe:2.3:a:imoulife:imou_life:6.7.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-6913

Products

Pricing

Contact Us