PT-2024-16087 · Didi Ddmq · Didi Ddmq

Gaogaostone

Published

2024-10-19

Updated

2024-10-22

CVE-2024-10173

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions didi DDMQ version 1.0

Description A critical vulnerability has been found in the Console Module component of didi DDMQ, affecting an unknown functionality. The manipulation of the input /;login leads to improper authentication. This issue can be exploited remotely. The vendor was contacted about this disclosure but did not respond.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Incorrect Authorization

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-863CWE-287

Related Identifiers

CVE-2024-10173

Affected Products

Didi Ddmq

PT-2024-16087 · Didi Ddmq · Didi Ddmq

CVE-2024-10173

Weakness Enumeration

Related Identifiers

Affected Products

References · 13