CVE-2021-44161

Changing MOTP (Mobile One Time Password) system’s specific function parameter has insufficient validation for user input. A attacker in local area network can perform SQL injection attack to read, modify or delete backend database without authentication. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt