| TVN ID | TVN-202407002 |
|---|---|
| CVE ID | CVE-2024-3123 |
| CVSS | 7.2 (High) CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| Affected Products | Mobile One Time Password version 3.11 to 3.11.3 |
| Description | CHANGING Mobile One Time Password's uploading function in a hidden page does not filter file type properly. Remote attackers with administrator privilege can exploit this vulnerability to upload and run malicious file to execute system commands. |
| Solution | Update to MOTP 3.11.3 Patch 1 or later version or install the patch. |
| Credit | CHANGING |
| Public Date | 2024-07-01 |
:::