CVE-2023-4617 - Govee Home Unauthorized Remote Code Execution
CVE ID : CVE-2023-4617 Published : Dec. 19, 2024, 10:15 a.m. | 1 hour, 44 minutes ago Description : Incorrect authorization vulnerability in HTTP POST method in Govee Home application on Android and iOS allows remote attacker to control devices owned by other users via changing "device", "sku" and "type" fields' values. This issue affects Govee Home applications on Android and iOS in versions before 5.9. Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-4617
Published : Dec. 19, 2024, 10:15 a.m. | 1 hour, 44 minutes ago
Description : Incorrect authorization vulnerability in HTTP POST method in Govee Home application on Android and iOS allows remote attacker to control devices owned by other users via changing "device", "sku" and "type" fields' values. This issue affects Govee Home applications on Android and iOS in versions before 5.9.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : Dec. 19, 2024, 10:15 a.m. | 1 hour, 44 minutes ago
Description : Incorrect authorization vulnerability in HTTP POST method in Govee Home application on Android and iOS allows remote attacker to control devices owned by other users via changing "device", "sku" and "type" fields' values. This issue affects Govee Home applications on Android and iOS in versions before 5.9.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
