Any Indian DigiLocker Account Could've Been Accessed Without Password

The Indian Government said it has addressed a critical vulnerability in its secure document wallet service Digilocker that could have potentially allowed a remote attacker to bypass mobile one-time passwords (OTP) and sign in as other users to access their sensitive documents stored on the platform. "The OTP function lacks authorization which makes it possible to perform OTP validation with

via The Hacker News

This article is the property of Tenochtitlan Offensive Security. Verlo Completo --> https://tenochtitlan-sec.blogspot.com

Related articles

1. Pentest Red Team
2. Hacking Link
3. Pentest Vs Red Team
4. Hacking Names
5. Pentest Os
6. Hacking Tutorials
7. Hacking Simulator
8. Pentest Certification
9. Hacker Website
10. Hackerrank
11. Pentest Cheat Sheet
12. Pentest Free
13. Hacker Ethic
14. Pentest Uk
15. Pentest Web Application
16. Hacking Vpn
17. Hacking Box
18. Hacking