Vulnerabilities

CVE-2025-15115 - Petlibro Smart Pet Feeder Platform through 1.7.31 Authentication Bypass via API

2026-01-04 0 views admin

CVE ID : CVE-2025-15115 Published : Jan. 4, 2026, 12:15 a.m. | 17 minutes ago Description : Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an authentication bypass vulnerability that allows unauthenticated attackers to access any user account by exploiting OAuth token validation flaws in the social login system. Attackers can send requests to /member/auth/thirdLogin with arbitrary Google IDs and phoneBrand parameters to obtain full session tokens and account access without proper OAuth verification. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2025-15115

Severity

MEDIUM

Published

Jan. 4, 2026

Affected Product: Google IDs

Impact: authentication bypass

Source: Telegram CVE Monitor

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2025-15115mediumgoogle ids

CVE-2025-15115 - Petlibro Smart Pet Feeder Platform through 1.7.31 Authentication Bypass via API

CVE Details

🏷️ Tags

More from Vulnerabilities

Essential Guide: CVE-2025-15446 - Seeyon Zhiyuan OA Web Application System fixedAssetsList.j%73p sql injection

CVE-2025-15448 - cld378632668 JavaMall MinioController.java upload unrestricted upload - Guide

Complete Guide to CVE-2025-5591 - Stored Cross-site Scripting (XSS) in Kentico Xperience 13

Latest: CVE-2025-15447 - Seeyon Zhiyuan OA Web Application System assetsService.j%73p sql injection

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting