CVE-2020-27416 - Insufficient Session Expiration vulnerability in Mahadiscom Mahavitaran 7.50

CVSS 9.8 - CRITICAL
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: HIGH

Tags: network, low complexity, mahadiscom, CWE-613, critical

Summary

The Mahavitaran Android application 7.50 and prior is affected by account takeover due to improper OTP validation, which allows remote attackers to control a user's account.

Vulnerable Configurations

Part         Description  Count
Application  Mahadiscom   2

Common Weakness Enumeration (CWE)