CVE-2022-37144
CVE-2022-37144
The PlexTrac platform prior to API version 1.17.0 does not restrict excessive MFA TOTP submission attempts. An unauthenticated remote attacker in possession of a valid username and password can bruteforce their way past MFA protections to login as the targeted user.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →