Security flaw exposes users' emails, passwords of 'smart' chastity cage maker

A security researcher has discovered serious vulnerabilities in a company that manufactures an internet-controlled chastity device for males that exposed users' email addresses, plaintext passwords, home addresses and IP addresses, and -- in some cases -- GPS coordinates.

Security flaw exposes users' emails, passwords of 'smart' chastity cage maker
According to TechCrunch, the researcher gained access to a database containing records of over 10,000 users using two vulnerabilities. Image Courtesy: Unsplash.

A security researcher has discovered serious vulnerabilities in a company that manufactures an internet-controlled chastity device for males that exposed users' email addresses, plaintext passwords, home addresses and IP addresses, and -- in some cases -- GPS coordinates.

According to TechCrunch, the researcher gained access to a database containing records of over 10,000 users using two vulnerabilities. The researcher exploited the bugs to see what data it could get access to.

Additionally, the researcher informed the company of the vulnerabilities on June 17, urging them to fix them and protect their users. As of now, the company has not addressed the vulnerabilities yet, the report mentioned.

"Everything's just too easy to exploit. And that's irresponsible. So my best hope is that they will contact either you or me and fix everything," the researcher was quoted as saying.

Moreover, the researcher defaced the company's homepage in an attempt to warn the company and its users.“The site was disabled by a benevolent third party. (REDACTED) has left the site wide open, allowing any script kiddie to grab any and all customer information.This includes plaintext passwords and contrary to what (REDACTED) has claimed, also shipping addresses. You're welcome!” the researcher wrote.

“If you have paid for a physical unit and now cannot use it, I'm sorry. But there are thousands of people with accounts on here and I could not in good faith leave everything up for grabs,” it added.

The company removed the researcher's warning and restored the website less than 24 hours later. However, the company did not address the flaws, which are still present and exploitable, the report said.

Aside from the flaws that allowed the researcher access to the users' database, it was discovered that the company's website exposes logs of users' PayPal payments.

The logs show the users' PayPal email addresses as well as the date they made the payment, according to the report.The company's chastity device is intended to be controlled by a partner via an Android app. By transmitting precise GPS coordinates, the app allows partners to track the device wearer's movements.

Catch the latest stock market updates here. For all other news related to business, politics, tech, sports, and auto, visit Zeebiz.com.

 

Get Latest Business News, Stock Market Updates and Videos; Check your tax outgo through Income Tax Calculator and save money through our Personal Finance coverage. Check Business Breaking News Live on Zee Business Twitter and Facebook. Subscribe on YouTube.

RECOMMENDED STORIES

https://www.zeebiz.com/personal-finance/photo-gallery-epfo-retirement-pension-scheme-early-pension-superannuation-disablement-widow-child-orphan-pension-online-login-passbook-employee-provident-fund-327598

EPFO Pension Schemes: Early pension, retirement pension, nominee pension and 4 other pension schemes that every private sector employee should know

https://www.zeebiz.com/trending/news-rains-in-tamil-nadu-orange-alert-issues-for-november-26-regional-meteorological-centre-cyclone-south-andaman-sea-puducherry-karaikkal-327505

Tamil Nadu Weather News: Heavy rain likely in TN, orange alert issued for Nov 26

https://www.zeebiz.com/markets/stocks/photo-gallery-psu-and-largecap-shares-to-buy-short-term-bse-sensex-nse-nifty-pick-of-the-day-327460

Stocks to buy: Hindustan Aeronautics, Zomato, Tata Tech, GMR Airports among analysts' top picks

https://www.zeebiz.com/trending/photo-gallery-delhi-aqi-today-air-pollution-level-falls-to-very-poor-quality-schools-closed-work-from-home-started-in-office-government-bans-firecrackers-sale-on-ecommerce-sites-city-records-lowest-temperature-327481

Delhi AQI Today: Air quality index level drops; city records season's lowest temperature

https://www.zeebiz.com/personal-finance/photo-gallery-top-5-small-cap-mutual-funds-with-best-sip-xirr-returns-in-1-year-calculator-inr-rs-25000-monthly-investment-has-grown-to-355000-nifty-150-tri-bse-invesco-edelweiss-hsbc-franklin-nav-aum-327419

Top 5 Small Cap Mutual Funds with best SIP returns in 1 year: See how Rs 25,000 monthly investment has grown in each scheme

https://www.zeebiz.com/personal-finance/photo-gallery-top-7-sbi-sip-mutual-funds-with-highest-sip-return-xirr-in-1-year-capital-gains-calculator-how-inr-rs-25000-monthly-investment-has-grown-to-bse-sp-nifty-multi-large-health-tech-banking-326674

Top 7 SBI Mutual Funds With Best SIP Returns in 1 Year: Rs 25,000 monthly SIP investment in No.1 fund has jumped to Rs 3,58,404

Written By: IANS
Updated: Sun, Sep 03, 2023
02:00 PM IST
IANS
RELATED NEWS
Cybersecurity jobs jump 14% over past year; Bengaluru tops list: Report Cybersecurity jobs jump 14% over past year; Bengaluru tops list: Report
BSE launches World Investor Week 2024 with focus on technology, cybersecurity BSE launches World Investor Week 2024 with focus on technology, cybersecurity
India strengthens cybersecurity with Bharat NCX 2023 India strengthens cybersecurity with Bharat NCX 2023
Google, MeitY join hands to empower India's cybersecurity workforce Google, MeitY join hands to empower India's cybersecurity workforce
83% of Indian firms faced cybersecurity incident in past year: Report 83% of Indian firms faced cybersecurity incident in past year: Report

By accepting cookies, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts.

x