Security Advisory

CVE-2023-36620

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-11-03 00:00:00

Last updated 2024-09-05 15:03:54

Assigner mitre

State PUBLISHED

Description

An issue was discovered in the Boomerang Parental Control application before 13.83 for Android. The app is missing the android:allowBackup="false" attribute in the manifest. This allows the user to backup the internal memory of the app to a PC. This gives the user access to the API token that is used to authenticate requests to the API.

← Browse all CVEs View on cve.org ↗