zzh-newlearner

2 exploits Active since May 2023
CVE-2023-31677 WRITEUP HIGH WRITEUP
luowice 3.5.18 - Information Disclosure via eseeid Parameter
Insecure permissions in luowice 3.5.18 allow attackers to view information for other alarm devices via modification of the eseeid parameter.
CVSS 7.5
CVE-2023-33740 WRITEUP HIGH WRITEUP
luowice 3.5.18 - Unauthenticated Cloud Source Code Exposure via Warning Message Verify Parameter
Incorrect access control in luowice v3.5.18 allows attackers to access cloud source code information via modification fo the Verify parameter in a warning message.
CVSS 7.5