CVE-2025-42600
EUVD-2025-1223323.04.2025, 11:15
This vulnerability exists in Meon KYC solutions due to missing restrictions on the number of incorrect One-Time Password (OTP) attempts through certain API endpoints of login process. A remote attacker could exploit this vulnerability by performing a brute force attack on OTP, which could lead to gain unauthorized access to other user accounts.Enginsight
Awaiting analysis
This vulnerability is currently awaiting analysis.