Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com

CVE-2020-35398

Description

An issue was discovered in UTI Mutual fund Android application 5.4.18 and prior, allows attackers to brute force enumeration of usernames determined by the error message returned after invalid credentials are attempted.

POC

Reference

- https://cvewalkthrough.com/cve-2020-35398-uti-mutual-fund-android-application-username-enumeration/

Github

No PoCs found on GitHub currently.