CVE-2025-26522 in RupeeWebالمعلومات

الملخص

بحسب MITRE • 14/02/2025

This vulnerability exists in RupeeWeb trading platform due to improper implementation of OTP validation mechanism in certain API endpoints. A remote attacker with valid credentials could exploit this vulnerability by manipulating API responses.

Successful exploitation of this vulnerability could allow the attacker to bypass Two-Factor Authentication (2FA) for other user accounts.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

مسؤول

CERT-In

حجز

12/02/2025

إفشاء

14/02/2025

الاعتدال

تمت الموافقة

إدخال

VDB-295824

EPSS

0.00393

KEV

لا

النشاطات

منخفض جدًا

المصادر

Might our Artificial Intelligence support you?

Check our Alexa App!