Feature #260: [Security Audit Round 2 ] OTP Bruteforce (Reapeated) - E-Arogya - Redmine

Actions

Copy link

Feature #260

closed

Feature #235: [Security Audit Round 2 ]

[Security Audit Round 2 ] OTP Bruteforce (Reapeated)

Added by Kalyan Battula 12 months ago. Updated 11 months ago.

Status:

Closed

Priority:

High

Assignee:

Kalyan Battula

Category:

Target version:

Security Audit

Start date:

01/05/2024

Due date:

% Done:

Estimated time:

Deployed In:

Category:

Description

OTP Bruteforce (Repeated)
CWE : CWE-799
Description :
Application allows users to submit multiple wrong OTPs which lead to bruteforce
attacks to guess the correct OTP.
Affected Path(s) :
https://earogya.satragroup.in/login *-Applicable to entire application
Impact :
Account takeover can be possible by using this vulnerability.
Evidence/Proof Of Concept :
Step 1: Application accepting multiple OTP requests which leads to brute force the OTP by
submitting multiple requests.

Step 2: Functionalilty issue

Recommendation :
It is recommended to allow only 3 to 5 wrong attempts of OTPs. After the limit block the
mobile number for some time or provide a new OTP.

Files

Download all files

clipboard-202405011257-kqohn.png (47 KB) clipboard-202405011257-kqohn.png		Kalyan Battula, 01/05/2024 12:57 PM
clipboard-202405011258-j6kit.png (430 KB) clipboard-202405011258-j6kit.png		Kalyan Battula, 01/05/2024 12:58 PM