CVE-2022-36539

HIGH

Ouderapp <1.1.22 - Info Disclosure

Title source: llm

Description

WeDayCare B.V Ouderapp before v1.1.22 allows attackers to alter the ID value within intercepted calls to gain access to data of other parents and children.

Exploits (1)

nomisec WRITEUP 3 stars

by Fopje · poc

https://github.com/Fopje/CVE-2022-36539

View Code ZIP pw:eip

References (2)

Core 2

Core References

Product, Release Notes, Third Party Advisory x_refsource_misc

https://apps.apple.com/nl/app/eigen-wijzer-ouderapp/id1331059326

Exploit, Third Party Advisory x_refsource_misc

https://github.com/Fopje/CVE-2022-36539

Scores

CVSS v3 7.5

EPSS 0.0651

EPSS Percentile 91.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-639

Status published

Products (1)

eigen\&wijzer_ouderapp_project/eigen\&wijzer_ouderapp < 1.1.22

Published Sep 07, 2022

Tracked Since Feb 18, 2026