PT-2024-34705 · Aero · Aero

Mohit Gadiya · Published 2024-11-04 · Updated 2024-11-06 · CVE-2024-51561

CVSS v4.0

9.3 Critical

Vector

AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L
Name of the Vulnerable Software and Affected Versions

Aero (affected versions not specified)

Description

This issue exists due to improper implementation of the OTP validation mechanism in certain API endpoints. An authenticated remote attacker could exploit this by intercepting and manipulating responses during the second factor authentication process. Successful exploitation could allow the attacker to bypass OTP verification for accessing other user accounts.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.
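The advisory does not describe how Aero's endpoints are built, so the following is an added, generic illustration of the server-side control that makes a manipulated second-factor response worthless; it is not Aero's code. The class, method names, TTL and attempt limit are assumptions chosen for the example.

```python
import hashlib, hmac, secrets, time

OTP_TTL = 300      # seconds an issued code stays valid (assumed value)
MAX_ATTEMPTS = 5   # wrong guesses allowed per session (assumed value)

def _h(code):
    return hashlib.sha256(code.encode()).digest()

class SessionStore:
    """All second-factor state lives on the server; the client holds only an opaque id."""
    def __init__(self):
        self._s = {}

    def login(self, user):
        """First factor passed: create a session that is not yet OTP-verified."""
        sid, otp = secrets.token_urlsafe(16), f"{secrets.randbelow(10**6):06d}"
        self._s[sid] = {"user": user, "otp_hash": _h(otp),
                        "exp": time.time() + OTP_TTL, "tries": 0, "mfa": False}
        return sid, otp  # otp is delivered out-of-band, never in the API response

    def verify_otp(self, sid, code):
        s = self._s.get(sid)
        if s is None or s["otp_hash"] is None or time.time() > s["exp"]:
            return False
        s["tries"] += 1
        if s["tries"] > MAX_ATTEMPTS:
            s["otp_hash"] = None          # lock out: a new login is required
            return False
        if hmac.compare_digest(s["otp_hash"], _h(code)):
            s["mfa"], s["otp_hash"] = True, None   # single use
        return s["mfa"]

    def get_account(self, sid, account):
        """Protected endpoint: re-checks server state on every call."""
        s = self._s.get(sid)
        if s is None or not s["mfa"]:
            raise PermissionError("second factor not completed")
        if s["user"] != account:
            raise PermissionError("session not bound to this account")
        return {"account": account}
```

Because `get_account` consults only the server's record, whatever the client sees or edits in the verification response has no effect on authorization, and a verified session never extends to another user's account.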

Weakness Enumeration

Related Identifiers

CVE-2024-51561

Affected Products

Aero