Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Brute Force Attack Vulnerability in Wave 2.0
Vulnerability Description
This vulnerability exists in the Wave 2.0 due to missing restrictions for excessive failed authentication attempts on its API based login. A remote attacker could exploit this vulnerability by conducting a brute force attack against legitimate user OTP, MPIN or password, which could lead to gain unauthorized access and compromise other user accounts.
CVSS Information
N/A
Vulnerability Type
过多认证尝试的限制不恰当
Vulnerability Title
Brokerage Wave 安全漏洞
Vulnerability Description
Brokerage Wave是Brokerage公司的一个前台产品。 Brokerage Wave 2.0版本存在安全漏洞,该漏洞源于缺少对基于API登录的过多失败身份验证尝试的限制,从而攻击者可以通过对合法用户OTP、MPIN或password进行暴力攻击来导致未经授权的访问。
CVSS Information
N/A
Vulnerability Type
N/A