CVE-2026-7671

CodeWise Tornet Scooter Mobile App TwoFactor excessive authentication

CVSS 6.3 MEDIUMEPSS 0.6%CWE-307 CWE-799

A vulnerability has been found in CodeWise Tornet Scooter Mobile App 4.75 on iOS/Android. The impacted element is an unknown function of the file /TwoFactor. Such manipulation leads to improper restriction of excessive authentication attempts. The attack may be performed from remote. Attacks of this nature are highly complex. The exploitability is regarded as difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P

Produtos afetados

CodeWise · Tornet Scooter Mobile App

PoCs públicas encontradas — 1

cve_referencedrive.proton.me/urls/M0WFM4137W#MY0jA6pjHYPOnão verificado

⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://drive.proton.me/urls/M0WFM4137W#MY0jA6pjHYPO https://vuldb.com/submit/799987 https://vuldb.com/vuln/360819 https://vuldb.com/vuln/360819/cti