Vulnerability CVE-2024-41276


Published: 2024-10-01

Description:
A vulnerability in Kaiten version 57.131.12 and earlier allows attackers to bypass the PIN code authentication mechanism. The application requires users to input a 6-digit PIN code sent to their email for authorization after entering their login credentials. However, the request limiting mechanism can be easily bypassed, enabling attackers to perform a brute force attack to guess the correct PIN and gain unauthorized access to the application.

 References:
https://kaiten.ru/
https://github.com/artemy-ccrsky/CVE-2024-41276

Copyright 2024, cxsecurity.com

 

Back to Top