{"uuid": "867777b6-7bba-4b71-a3be-9f409f342da8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-33944", "type": "seen", "source": "https://t.me/cibsecurity/46686", "content": "\u203c CVE-2022-33944 \u203c\n\nThe main MiCODUS MV720 GPS tracker web server has an authenticated insecure direct object references vulnerability on endpoint and POST parameter \u00e2\u20ac\u0153Device ID,\u00e2\u20ac\ufffd which accepts arbitrary device IDs.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-20T20:12:10.000000Z"}