| TVN ID | TVN-202407001 |
|---|---|
| CVE ID | CVE-2024-3122 |
| CVSS | 4.9 (Medium) CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
| Affected Products | Mobile One Time Password version 3.11.2 and earlier. |
| Description | CHANGING Mobile One Time Password does not properly filter parameters for the file download functionality, allowing remote attackers with administrator privilege to read arbitrary file on the system. |
| Solution | Update to MOTP 3.11.3 Patch 1 or later version or install the patch. |
| Credit | Vtim(DEVCORE) |
| Public Date | 2024-07-01 |
:::