CVE-2021-28174

Published on: 04/07/2021 12:00:00 AM UTC

Last Modified on: 04/08/2021 01:14:08 PM UTC

CVE-2021-28174 - advisory for TVN-202103001

Source: Mitre
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

The following vulnerability was found:

Mitake smart stock selection system contains a broken authentication vulnerability. By manipulating the parameters in the URL, remote attackers can gain the privileged permissions to access transaction record, and fraudulent trading without login.

  • CVE-2021-28174 has been assigned by [email protected] to track the vulnerability
  • Affected Vendor/Software: Mitake - Mitake Smart Stock Selection System version <= 2020/06/23

CVE References

Description Tags Link
TWCERT/CC台灣電腦網路危機處理暨協調中心-三竹資訊 智慧下單系統 - Broken Authentication www.twcert.org.tw
text/html
URL Logo MISC www.twcert.org.tw/tw/cp-132-4625-4ccc6-1.html

Known Affected Software

Vendor Product Version
Mitake Mitake Smart Stock Selection System<= 2020/06/23

Social Mentions

Source Title Posted (UTC)
Twitter Icon @CVEreport CVE-2021-28174 : Mitake smart stock selection system contains a broken authentication vulnerability. By manipulatin… twitter.com/i/web/status/1… 2021-04-08 03:56:51
Twitter Icon @0_exploit CVE-2021-28174 dlvr.it/RxFTsH 2021-04-08 13:24:02