A session hijacking vulnerability has been detected in the Imou Life application affecting version 6.7.0. This vulnerability could allow an attacker to hijack user accounts due to the QR code functionality not properly filtering codes when scanning a new device and directly running WebView without prompting or displaying it to the user. This vulnerability could trigger phishing attacks.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: INCIBE

Published: 2023-12-19T14:49:48.766Z

Updated: 2024-08-02T08:42:08.526Z

Reserved: 2023-12-18T09:51:26.413Z

Link: CVE-2023-6913

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-12-19T15:15:09.447

Modified: 2024-11-21T08:44:49.510

Link: CVE-2023-6913

cve-icon Redhat

No data.