| Title | Tenda TDSEE mobile application 1.7.12 Authorization Bypass |
|---|
| Description | In the TDSEE app, I found there was no rate limit in the confirmation code requests in the password reset functionality, resulting in account takeover.
Knowing the victim’s email, the attacker could change the account password by going through the 6-digit password reset confirmation code.
In the application version 1.7.15, the vendor released a patch, setting a limit on the number of requests per second.
Sources:
https://blog.kevgen.ru/posts/account_takeover_in_tdsee_app/
https://github.com/k3vg3n/researches/blob/main/Account_takeover_in_TDSEE_app.md |
|---|
| Source | https://blog.kevgen.ru/posts/account_takeover_in_tdsee_app/ |
|---|
| User | k3vg3n (UID 86142) |
|---|
| Submitted | 2025-06-06 07:44 PM (11 months ago) |
|---|
| Moderation | 2025-06-08 03:30 PM (2 days later) |
|---|
| Status | Accepted |
|---|
| VulDB Entry | 311623 [Tenda TDSEE App up to 1.7.12 Password Reset Confirmation Code /app/ConfirmSmsCode information disclosure] |
|---|
| Points | 20 |
|---|
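The following Python is an added illustration of the weakness the submission describes; it is not code from the submitter's write-up, from VulDB, or from Tenda, and it does not reproduce the real /app/ConfirmSmsCode request format. It models an in-memory password-reset confirmation step in two variants: one that accepts unlimited wrong guesses, against which a 6-digit code (10**6 candidates) is simply enumerated, and one that locks the pending reset after a fixed number of failures. The ResetService class, the MAX_ATTEMPTS value, the result strings and the victim address are assumptions made for the simulation.

```python
"""Simulated password-reset code check: unlimited guesses vs. attempt lockout.

Constructed example; not the TDSEE app's code. The in-memory service only
models the behaviour described in the report.
"""
import secrets
from dataclasses import dataclass, field

CODE_LEN = 6                 # 6-digit confirmation code, as in the report
CODE_SPACE = 10 ** CODE_LEN  # 1,000,000 candidates
MAX_ATTEMPTS = 5             # hypothetical lockout threshold for the hardened variant


@dataclass
class ResetService:
    """Stand-in for the reset backend. limit_attempts=False mirrors the
    unpatched behaviour (no limit on wrong codes per pending reset)."""
    limit_attempts: bool
    codes: dict = field(default_factory=dict)     # email -> pending code
    failures: dict = field(default_factory=dict)  # email -> wrong guesses so far

    def request_code(self, email: str) -> str:
        """Issue a fresh code for `email`. A real service would e-mail it to
        the account owner; it is returned here only so the caller can verify
        what the brute force recovered."""
        code = f"{secrets.randbelow(CODE_SPACE):0{CODE_LEN}d}"
        self.codes[email] = code
        self.failures[email] = 0
        return code

    def confirm_code(self, email: str, guess: str) -> str:
        """Check one guess. Returns 'ok', 'wrong_code', 'locked' or 'no_pending_reset'."""
        if email not in self.codes:
            return "no_pending_reset"
        if self.limit_attempts and self.failures[email] >= MAX_ATTEMPTS:
            return "locked"                      # a new reset (new code) must be requested
        if secrets.compare_digest(guess, self.codes[email]):
            del self.codes[email]                # code is single-use
            return "ok"
        self.failures[email] += 1
        return "wrong_code"


def brute_force(service: ResetService, email: str):
    """Enumerate every 6-digit code against the confirm step, as an attacker
    who knows only the victim's e-mail would. Returns (code_or_None, requests_sent)."""
    for n in range(CODE_SPACE):
        guess = f"{n:0{CODE_LEN}d}"
        result = service.confirm_code(email, guess)
        if result == "ok":
            return guess, n + 1
        if result == "locked":
            return None, n + 1
    return None, CODE_SPACE


def run_comparison(email: str = "victim@example.com") -> dict:
    """Run the enumeration against both variants and report the outcome."""
    vulnerable = ResetService(limit_attempts=False)
    issued = vulnerable.request_code(email)
    found, sent = brute_force(vulnerable, email)

    hardened = ResetService(limit_attempts=True)
    hardened.request_code(email)
    found_h, sent_h = brute_force(hardened, email)

    return {
        "vulnerable_takeover": found == issued,
        "vulnerable_requests": sent,
        "hardened_takeover": found_h is not None,
        "hardened_requests": sent_h,
    }


if __name__ == "__main__":
    for key, value in run_comparison().items():
        print(f"{key}: {value}")
```

The unlimited variant always yields the code after at most 10**6 confirm requests (about half that on average). A per-second rate limit, which the description says version 1.7.15 added, only slows that search: at a few requests per second the full space is still covered in days. The hardened variant therefore caps wrong guesses per pending reset, so an attacker gets MAX_ATTEMPTS tries per code the victim requests; MAX_ATTEMPTS here is a hypothetical value, not Tenda's.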