Project

General

Profile

Actions
Copy link

SoftPos #7

open

Terminal registration OTP can be bypassed

Added by Redmine Admin 4 months ago. Updated 4 months ago.

Status:
New
Priority:
Low
Assignee:
LIQUID/hosam gemei
Category:
Re Test
Start date:
12/18/2024
Due date:
% Done:

100%

Estimated time:

Description

Description
To securely register a terminal the admin login with their credentials and then they are asked to
provide an OTP which is sent to their mobile number. It was found that the OTP step is not required
to get a valid authenticated session making the bypass of the OTP step easy to achieve.

Actions
Copy link
 #1

Updated by Redmine Admin 4 months ago

  • Category set to Re Test
Actions
Copy link
 #2

Updated by Redmine Admin 4 months ago

  • % Done changed from 0 to 100
Actions
Copy link

Also available in: Atom PDF