Account Take over of millions of MTN users account due to lack of Rate limiting when sending OTP code

Disclosed: 2020-04-13 07:20:58 By its_afolic To mtn_group

High

Vulnerability Details

I attached a PDF document to this report which explained the vulnerability in full details and I also attached a link to the POC video in the document. ## Impact Account take over of about any MTN user account.

Actions

View on HackerOne

Report Stats

Report ID: 761000
State: Closed
Substate: resolved
Upvotes: 9

Account Take over of millions of MTN users account due to lack of Rate limiting when sending OTP code

Vulnerability Details

Actions

Report Stats

Share this report