Maharashtra State Electricity Board Mahavitara Android Application 8.20 and prior is vulnerable to remote account takeover due to OTP fixation vulnerability in password rest function
Maharashtra State Electricity Board Mahavitara Android Application 8.20 and prior is vulnerable to remote account takeover due to OTP fixation vulnerability in password rest function
Sentiment · trusted sources
synthesissevere-fallout-0.80
CVE-2021-41716 represents a critical remote account takeover vulnerability in a government-issued application, indicating severe security mismanagement and potential regulatory fallout for the vendor.
“Maharashtra State Electricity Board Mahavitara Android Application 8.20 and prior is vulnerable to remote account takeover due to OTP fixation vulnerability in password rest function”