CodeWise Tornet Scooter Mobile App TwoFactor excessive authentication_CVE-2026-7671

6.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P

Description

A vulnerability has been found in CodeWise Tornet Scooter Mobile App 4.75 on iOS/Android. The impacted element is an unknown function of the file /TwoFactor. Such manipulation leads to improper restriction of excessive authentication attempts. The attack may be performed from remote. Attacks of this nature are highly complex. The exploitability is regarded as difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Basic Information

ID CVE-2026-7671

Source VulDB

Published May 2, 2026 at 23:30

Affected Product

Vendor CodeWise

Product Tornet Scooter Mobile App

Version 4.75

Affected Versions CodeWise Tornet Scooter Mobile App 4.75

CWE Classification

CWE-307 CWE-799

References

{
    "lastseen": "",
    "description": "A vulnerability has been found in CodeWise Tornet Scooter Mobile App 4.75 on iOS/Android. The impacted element is an unknown function of the file /TwoFactor. Such manipulation leads to improper restriction of excessive authentication attempts. The attack may be performed from remote. Attacks of this nature are highly complex. The exploitability is regarded as difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2026-05-02T23:30:13.982Z",
    "modified": "2026-05-02T23:30:13.982Z",
    "type": "cve",
    "title": "CodeWise Tornet Scooter Mobile App TwoFactor excessive authentication",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/360819\nhttps://vuldb.com/vuln/360819/cti\nhttps://vuldb.com/submit/799987\nhttps://drive.proton.me/urls/M0WFM4137W#MY0jA6pjHYPO",
    "id": "CVE-2026-7671",
    "bulletinFamily": "",
    "cwe": [
        "CWE-307",
        "CWE-799"
    ],
    "cvelist": null,
    "sourceData": "CodeWise Tornet Scooter Mobile App 4.75",
    "sourceHref": "",
    "cvss": {
        "score": 6.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Tornet Scooter Mobile App",
    "version": "4.75",
    "vendor": "CodeWise",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}