Unlimited Attempts Vulnerability in Hozard Alarm System v1.0 Allows Brute Force Attack on SMS Authentication
CVE-2023-50123 · HIGH Severity
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
The number of attempts to bring the Hozard Alarm system (alarmsystemen) v1.0 to a disarmed state is not limited. This could allow an attacker to perform a brute force on the SMS authentication, to bring the alarm system to a disarmed state.
Learn more about our Web Application Penetration Testing UK.