{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42057?format=json","vulnerability_id":"VCID-hh7q-11e1-4yew","summary":"The device ID is based on IMEI in Forever KidsWatch Call Me KW50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h and Forever KidsWatch Call Me 2 KW60 R36CW_YDE_S4_A29_2_V1.0_2023.05.24_22.49.44_cob_b. If a malicious user changes the IMEI to the IMEI of a unit they registered in the mobile app, it is possible to hijack the device and control it from the app.","aliases":[{"alias":"CVE-2024-36557"}],"fixed_packages":[],"affected_packages":[],"references":[],"weaknesses":[],"exploits":[],"severity_range_score":"6.6 - 6.6","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hh7q-11e1-4yew"}