Vulnerable Software: Maharashtra State Electricity Board Android Application Vulnerability: Account takeover via OTP Fixation Affected Version: 7.50 and prior Patched: Yes Vendor Homepage: https://www.mahadiscom.in/en/home/ App store link: https://play.google.com/store/apps/details?id=com.msedcl.app&hl=en_IN&gl=US CVE: CVE-2021-41716 CVE Author: Tejas Nitin Pingulkar Exploit Available: POC Available About Affected Software The Official App for Consumer by Mahavitaran (MSEDCL). Mahavitaran Consumer App enables consumers to avail Mahavitaran services at his/her fingertips. The […]
CVE-2020-27413 Mahavitaran Android Application: Clear-text password storage
Vulnerable Software: Maharashtra State Electricity Board Android Application Vulnerability: Clear-text password storage Affected Version: 7.50 and prior Patched: Yes Vendor Homepage: https://www.mahadiscom.in/en/home/ App store link: https://play.google.com/store/apps/details?id=com.msedcl.app&hl=en_IN&gl=US CVE: CVE-2020-27413 CVE Author: Tejas Nitin Pingulkar Exploit Available: POC Available About Affected Software The Official App for Consumer by Mahavitaran ( M.S.E.D.C.L.). Mahavitaran Consumer App enables consumers to avail Mahavitaran services […]
CVE-2020-27416 Mahavitaran Android Application: Account take over via OTP bypass
Vulnerable Software: Maharashtra State Electricity Board Android Application Vulnerability: Account take over via OTP bypass Affected Version: 7.50 and prior Patched: Yes Vendor Homepage: https://www.mahadiscom.in/en/home/ App store link: https://play.google.com/store/apps/details?id=com.msedcl.app&hl=en_IN&gl=US CVE: CVE-2020-27416 CVE Author: Tejas Nitin Pingulkar Exploit Available: POC Available About Affected Software The Official App for Consumer by Mahavitaran ( M.S.E.D.C.L.). Mahavitaran Consumer App enables consumers to avail Mahavitaran services at his/her […]
CVE-2020-35398: UTI Mutual fund Android Application- Username Enumeration
Vulnerable Software: UTI Mutual fund Android Application Vulnerability: Username Enumeration Affected Version: 5.4.28 Patch: Not Released (03-December-2021) Vendor Homepage: https://utimf.com/ CVE: CVE-2020-11561 CVE Author: Tejas Nitin Pingulkar Exploit Available: POC available About Affected Software Investing in Mutual Funds is now easy with the UTI MF (UTI Mutual Funds) App. It gives you a hassle-free experience to invest in any mutual fund scheme […]
CVE-2020-27414 Mahavitaran Android Application: Insecure Communication of Sensitive Data
Vulnerable Software: Maharashtra State Electricity Board Android Application Vulnerability: Insecure Communication of sensitive data Affected Version: 7.50 and prior Patched: Yes Vendor Homepage: https://www.mahadiscom.in/en/home/ App store link: https://play.google.com/store/apps/details?id=com.msedcl.app&hl=en_IN&gl=US CVE: CVE-2020-27414 CVE Author: Tejas Nitin Pingulkar Exploit Available: POC Available About Affected Software The Official App for Consumer by Mahavitaran ( M.S.E.D.C.L.). Mahavitaran Consumer App enables consumers to avail Mahavitaran services at his/her fingertips. The […]