5 matches found
CVE-2022-40297
UBports Ubuntu Touch 16.04 allows the screen-unlock passcode to be used for a privileged shell via Sudo. This passcode is only four digits, far below typical length/complexity for a user account's password. NOTE: a third party states "The described attack cannot be executed as demonstrated...
GTAB Software Tabit Security Vulnerability
GTAB Software Tabit is a full-featured program from GTAB Software for creating, playing and printing fingerstyle music for guitar, bass or banjo. A security vulnerability exists in GTAB Software Tabit that stems from its system password being a 4-digit OTP. An attacker could resend the OTP and...
CVE-2022-34772
Tabit - password enumeration. Description: Tabit - password enumeration. The password for the Tabit system is a 4-digit OTP. One can resend the OTP and try logging in indefinitely. Once again, this is an example of OWASP: API4 - Rate limiting...
CVE-2021-25309
The telnet administrator service running on port 650 on Gigaset DX600A v41.00-175 devices does not implement any lockout or throttling functionality. This situation together with the weak password policy that forces a 4-digit password allows remote attackers to easily obtain administrative access...
Unspecified Vulnerability in BHIM application for Android
BHIM application for Android is an Android-based mobile payment application by National Payments Corporation of India. A security vulnerability exists in version 1.3 of the National Payments Corporation of India BHIM application for the Android platform, which stems from the program's use of a...