Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Authentication bypass Vulnerability in Aero
Vulnerability Description
This vulnerability exists in Aero due to improper implementation of OTP validation mechanism in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by intercepting and manipulating the responses exchanged during the second factor authentication process. Successful exploitation of this vulnerability could allow the attacker to bypass OTP verification for accessing other user accounts.
CVSS Information
N/A
Vulnerability Type
在安全决策中依赖未经信任的输入
Vulnerability Title
Brokerage Aero 安全漏洞
Vulnerability Description
Brokerage Aero是Brokerage公司的一个前台产品。 Brokerage Aero 120820241550之前版本存在安全漏洞,该漏洞源于API端点中不正确地实现了OTP验证机制,从而允许攻击者绕过OTP验证访问其他用户帐户。
CVSS Information
N/A
Vulnerability Type
N/A