PT-2026-1179 · Petlibro · Petlibro Smart Pet Feeder Platform

Bobdahacker

Publicado

2026-01-03

Atualizado

2026-02-03

CVE-2025-3646

CVSS v3.1

8.2

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Name of the Vulnerable Software and Affected Versions Petlibro Smart Pet Feeder Platform versions up to 1.7.31

Description The Petlibro Smart Pet Feeder Platform is affected by an authorization bypass. This allows unauthorized users to add themselves as shared owners to any device. The issue is due to missing permission checks when processing requests to the device share API. An attacker can exploit this to gain unauthorized access to devices and view owner information without proper authorization.

Recommendations Update to a version later than 1.7.31.

Correção

Missing Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-306

Identificadores relacionados

CVE-2025-3646

Produtos afetados

Petlibro Smart Pet Feeder Platform

PT-2026-1179 · Petlibro · Petlibro Smart Pet Feeder Platform

CVE-2025-3646

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 10