Security Advisory

CVE-2025-26522

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-02-14 11:24:17

Last updated 2025-02-14 16:33:17

Assigner CERT-In

State PUBLISHED

Description

This vulnerability exists in RupeeWeb trading platform due to improper implementation of OTP validation mechanism in certain API endpoints. A remote attacker with valid credentials could exploit this vulnerability by manipulating API responses. Successful exploitation of this vulnerability could allow the attacker to bypass Two-Factor Authentication (2FA) for other user accounts.

← Browse all CVEs View on cve.org ↗