Brokerage Wave 安全漏洞

Brokerage Wave is a frontend product from Brokerage, Inc. A security vulnerability exists in Brokerage Wave version 2.0, which stems from an exception mishandling of invalid inputs by an API endpoint, which allows an attacker to generate an error message containing sensitive information about the...

Brokerage Wave 安全漏洞

Brokerage Wave is a frontend product from Brokerage, Inc. A security vulnerability exists in Brokerage Wave version 2.0, which stems from a lack of authorization checking on certain API endpoints, which could allow a remote attacker to manipulate the parameter userid via the API request URL to...

Brokerage Wave 安全漏洞

Brokerage Wave is a frontend product from Brokerage, Inc. A security vulnerability exists in Brokerage Wave version 2.0, which stems from a lack of limitations on too many failed authentication attempts for API-based logins, which could allow an attacker to cause unauthorized access by brute-forc...

Brokerage Wave 安全漏洞

Brokerage Wave is a frontend product from Brokerage, Inc. A security vulnerability exists in Brokerage Wave version 2.0, which stems from a lack of rate limiting for OTP requests in API endpoints, which could allow an attacker to cause OTP bombardment/flooding on the target system by sending...

Brokerage Wave 加密问题漏洞

Brokerage Wave is a frontend product from Brokerage, Inc. An encryption issue vulnerability exists in Brokerage Wave version 2.0, which stems from weak encryption of sensitive data received at the API response, which could allow an attacker to manipulate the parameter userid via the API request U...