CVE-2025-26524 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

This vulnerability exists in RupeeWeb trading platform due to missing rate limiting on OTP requests in certain API endpoints. An authenticated remote attacker c…
Medium CVSS: 5.1

CVE-2025-26524

This vulnerability exists in RupeeWeb trading platform due to missing rate limiting on OTP requests in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoints which could lead to the OTP bombing/ flooding on the targeted system.
Vendor
-
Product
-
CWE
CWE-799
Yayın Tarihi
2025-02-14 12:15:29
Güncelleme
2025-02-14 12:15:29
Source Identifier
vdisclose@cert-in.org.in
KEV Date Added
-

Kategoriler

CWE-799 MEDIUM 2025

Referanslar

https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2025-0020