Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in BT CTROMS Terminal OS Port Portal CT-464. Account takeover can occur because the password-reset feature discloses the verification token. Upon a getverificationcode.jsp request, this token is transmitted not only to the registered phone number of the user account, but is also transmitted to the unauthenticated HTTP client.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
BT CTROMS Terminal OS Port Portal CT-464 安全漏洞
Vulnerability Description
BT CTROMS Terminal OS Port Portal CT-464中存在安全漏洞,该漏洞源于密码重置功能会公开验证令牌。攻击者可利用该漏洞接管账户。
CVSS Information
N/A
Vulnerability Type
N/A