This vulnerability exists in Shilpi Client Dashboard due to lack of rate limiting and Captcha protection for OTP requests in certain API endpoint. An unauthenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoints, which could lead to the OTP bombing on the targeted system.
CVSS
No CVSS.
References
Configurations
No configuration.
History
04 Oct 2024, 13:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-04 13:15
Updated : 2024-10-04 13:50
NVD link : CVE-2024-47654
Mitre link : CVE-2024-47654
CVE.ORG link : CVE-2024-47654
JSON object : View
Products Affected
No product.
CWE
CWE-799
Improper Control of Interaction Frequency