63moons Aero

6 CVEs affecting 63moons Aero. Latest disclosed: 2024-11-04. Critical: 1, High: 1.

Top CVEs affecting 63moons Aero
CVESeverityScorePublishedSummary
CVE-2024-51558Critical9.82024-11-04This vulnerability exists in the Wave 2.0 due to missing restrictions for excessive failed authentication attempts on its API based login. A remote attacker co…
CVE-2024-51561High7.52024-11-04This vulnerability exists in Aero due to improper implementation of OTP validation mechanism in certain API endpoints. An authenticated remote attacker could e…
CVE-2024-51559Medium6.52024-11-04This vulnerability exists in the Wave 2.0 due to improper authorization checks on certain API endpoints. An authenticated remote attacker could exploit this vu…
CVE-2024-51557Medium6.52024-11-04This vulnerability exists in the Wave 2.0 due to missing rate limiting on OTP requests in an API endpoint. An authenticated remote attacker could exploit this…
CVE-2024-51556Medium6.52024-11-04This vulnerability exists in the Wave 2.0 due to insufficient encryption of sensitive data received at the API response. An authenticated remote attacker could…
CVE-2024-51560Medium4.32024-11-04This vulnerability exists in the Wave 2.0 due to improper exception handling for invalid inputs at certain API endpoint. An authenticated remote attacker could…