Zomato API Vulnerability Exploit

Zomato is an online restaurant search and discovery service providing information on home delivery, dining-out, cafés and nightlife in cities of India and 21 other countries.

Recently an API vulnerability in Zomato’s website was brought light by a security engineer by the name of Anand Prakash. Accounts of over 62.5 Million users were compromised.

The hacker informed the officials about the vulnerability that he found after doing VAPT on the website. Decision makers at Zomato acknowledged the issue and fixes were made instantly.

This compilation brings to you:

  • Nature of exploit
  • Vulnerability details
  • Vulnerability endpoints
  • What could be done to avoid such instance
Download Ebook

We won't spam you and we'll keep your e-mail safe