CVE-2023-1665

CRITICAL

linagora/twake <0.0.0. - Auth Bypass

Title source: llm

Description

Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake prior to 0.0.0.

Exploits (1)

nomisec WRITEUP
by 0xsu3ks · poc
https://github.com/0xsu3ks/CVE-2023-1665

References (2)

Scores

CVSS v3 9.8
EPSS 0.0024
EPSS Percentile 47.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-307
Status published
Products (1)
linagora/twake < 2023-03-25
Published Mar 27, 2023
Tracked Since Feb 18, 2026