Share
## https://sploitus.com/exploit?id=PACKETSTORM:172476
CVE-2023-33291  
  
[Description]  
In eBankIT 6, the public endpoints /public/token/Email/generate and  
/public/token/SMS/generate allow generation of OTP messages to any email  
address or phone number without validation.  
------------------------------------------  
  
[Additional Information]  
The cookies in the request are not needed, they can be empty.  
  
------------------------------------------  
  
[Vulnerability Type]  
Insecure Permissions  
  
------------------------------------------  
  
[Vendor of Product]  
eBankIT  
  
------------------------------------------  
  
[Affected Product Code Base]  
eBankIT - Version 6  
  
------------------------------------------  
  
[Affected Component]  
Public API Endpoint: /public/token/Email/generate  
Public API Endpoint: /public/token/SMS/generate  
  
------------------------------------------  
  
[Attack Type]  
Remote  
  
------------------------------------------  
  
[Impact Denial of Service]  
true  
  
------------------------------------------  
[CVE Impact Other]  
Because these endpoints are public, and the values of the cookies are not  
required, a threat actor could potentially leverage this functionality to  
create a more realistic social engineering scenario that could potentially  
affect clients.  
  
------------------------------------------  
[Attack Vectors]  
To exploit this vulnerability, an attacker must intercept the request to  
the api public endpoint: /public/token/Email/generate or  
/public/token/SMS/generate. The attacker can modify the parameters to  
choose which email or phone number the OTP would go to. This request can be  
used without any type of restriction.  
  
------------------------------------------  
  
[Discoverer]  
Steeven Rodríguez