CVE-2023-36620
CVSS 3.1 Score 4.6 of 10 (medium)
Details
Published Nov 3, 2023
Updated: Nov 14, 2023
Summary
CVE-2023-36620: A vulnerability was discovered in the Boomerang Parental Control app for Android prior to version 13.83. The app fails to include the android:allowBackup="false" attribute in its manifest file, enabling users to backup the internal data. This backup process grants access to the API token, used for authentication, putting sensitive user information at risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share