Skip to main content

Mahavitaran

2 CVEs product

Monthly

CVE-2021-41716 CRITICAL POC Act Now

Maharashtra State Electricity Board Mahavitara Android Application 8.20 and prior is vulnerable to remote account takeover due to OTP fixation vulnerability in password rest function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Google Mahavitaran
NVD VulDB
CVSS 3.1
9.8
EPSS
1.4%
CVE-2020-27413 MEDIUM This Month

An issue was discovered in Mahavitaran android application 7.50 and below, allows local attackers to read cleartext username and password while the user is logged into the application. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Mahavitaran
NVD VulDB
CVSS 3.1
4.2
EPSS
0.3%
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Maharashtra State Electricity Board Mahavitara Android Application 8.20 and prior is vulnerable to remote account takeover due to OTP fixation vulnerability in password rest function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Google Mahavitaran
NVD VulDB
EPSS 0% CVSS 4.2
MEDIUM This Month

An issue was discovered in Mahavitaran android application 7.50 and below, allows local attackers to read cleartext username and password while the user is logged into the application. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Mahavitaran
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy