Medium severity6.5NVD Advisory· Published Nov 4, 2024· Updated Jun 17, 2026
CVE-2024-51557
CVE-2024-51557
Description
This vulnerability exists in the Wave 2.0 due to missing rate limiting on OTP requests in an API endpoint. An authenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoint which could lead to the OTP bombing/flooding on the targeted system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <1.1.7
Patches
Vulnerability mechanics
References
1- www.cert-in.org.in/s2cMainServletnvdThird Party Advisory
News mentions
0No linked articles in our index yet.