Vulnerabilities > CVE-2023-33740 - Unspecified vulnerability in Luowice 3.5.18

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

luowice

NVD

Published: 2023-05-30

Updated: 2024-11-21

Summary

Incorrect access control in luowice v3.5.18 allows attackers to access cloud source code information via modification fo the Verify parameter in a warning message.

Vulnerable Configurations

Part	Description	Count
Application	Luowice Luowice Luowice 3.5.18	1
OS	Google Google Android *	1

References

https://github.com/zzh-newlearner/record/blob/main/luowice_warning.md
https://github.com/zzh-newlearner/record/blob/main/luowice_warning.md