Unrated severityNVD Advisory· Published Sep 19, 2024· Updated Sep 19, 2024
OTP Bypass Vulnerability
CVE-2024-47086
Description
This vulnerability exists in Apex Softcell LD DP Back Office due to improper implementation of OTP validation mechanism in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by providing arbitrary OTP value for authentication and subsequently changing its API response.
Successful exploitation of this vulnerability could allow the attacker to bypass OTP verification for other user accounts.
Affected products
1- Range: <24.8.21.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.cert-in.org.in/s2cMainServletmitrethird-party-advisory
News mentions
0No linked articles in our index yet.