Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-kw21-aerf-wkgn
Summary This vulnerability exists in Shilpi Client Dashboard due to lack of rate limiting and Captcha protection for OTP requests in certain API endpoints. An unauthenticated remote attacker could exploit this vulnerability by sending multiple OTP requests through vulnerable API endpoints, which could lead to OTP bombing on the targeted system.
Aliases
0
alias CVE-2024-47654
Fixed_packages
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-47654
reference_id
reference_type
scores
0
value 0.0062
scoring_system epss
scoring_elements 0.70518
published_at 2026-06-11T12:55:00Z
1
value 0.0062
scoring_system epss
scoring_elements 0.70608
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-47654
1
reference_url https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0313
reference_id s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0313
reference_type
scores
0
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T14:09:00Z/
url https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0313
Weaknesses
0
cwe_id 799
name Improper Control of Interaction Frequency
description The product does not properly limit the number or frequency of interactions that it has with an actor, such as the number of incoming requests.
Exploits
Severity_range_score 7.1 - 7.1
Exploitability null
Weighted_severity null
Risk_score null
Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kw21-aerf-wkgn