Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Authentication Bypass Vulnerability in CAP back office application
Vulnerability Description
This vulnerability exists in the CAP back office application due to improper implementation of OTP verification mechanism in its API based login. A remote attacker with valid credentials could exploit this vulnerability by manipulating API request URL/payload. Successful exploitation of this vulnerability could allow the attacker to bypass Two-Factor Authentication (2FA) for other user accounts.
CVSS Information
N/A
Vulnerability Type
使用候选路径或通道进行的认证绕过
Vulnerability Title
Rising Technosoft CAP back office application 安全漏洞
Vulnerability Description
Rising Technosoft CAP back office application是印度Rising Technosoft公司的一个后台应用程序。 Rising Technosoft CAP back office application存在安全漏洞,该漏洞源于API登录中OTP验证机制实现不当,允许远程攻击者通过操纵API请求URL/有效载荷绕过双因素认证。
CVSS Information
N/A
Vulnerability Type
N/A