This vulnerability exists in Apex Softcell LD Geo due to missing restrictions for excessive failed authentication attempts on its API based login. A remote attacker could exploit this vulnerability by conducting a brute force attack on login OTP, which could lead to gain unauthorized access to other user accounts.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XApexsoftcell Ld Dp Back Office
APPApexsoftcell< 24.8.21.1Apexsoftcell Ld Geo
APPApexsoftcell< 4.0.0.7
Related vulnerabilities
This vulnerability exists in Apex Softcell LD DP Back Office due to improper validation of certain parameters ...
This vulnerability exists in Apex Softcell LD DP Back Office due to improper implementation of OTP validation ...
This vulnerability exists in Apex Softcell LD Geo due to improper validation of the certain parameters (Client...
This vulnerability exists in the Apex Softcell LD Geo due to improper validation of the transaction token ID i...