Vulnerabilities > Mahadiscom > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-08 | CVE-2020-27416 | Insufficient Session Expiration vulnerability in Mahadiscom Mahavitaran 7.50 Mahavitaran android application 7.50 and prior are affected by account takeover due to improper OTP validation, allows remote attackers to control a users account. | 9.8 |
| 2021-12-07 | CVE-2021-41716 | Improper Authentication vulnerability in Mahadiscom Mahavitaran 7.50 Maharashtra State Electricity Board Mahavitara Android Application 8.20 and prior is vulnerable to remote account takeover due to OTP fixation vulnerability in password rest function | 9.8 |