Manuel Walder

**Name of the Vulnerable Software and Affected Versions** Mobatime AMX MTAPI v6 versions prior to 1.5 **Description** The issue concerns Missing Authentication & Authorization in the Web-API of Mobatime AMX MTAPI v6 on IIS, allowing adversaries to gain unrestricted access via the network. **Recommendations** For versions prior to 1.5, update to version 1.5 to resolve the issue. As a temporary workaround, consider restricting access to the Web-API to minimize the risk of exploitation.