Threat description |
Attacker could add users for sharing cameras without authorization |
Threat target |
Mobile apps. |
Attack techniques |
An attacker creates a CSRF request that is sent to victims to auto-add a user for sharing. |
Countermeasures |
Use anti-CSRF tokens. |