📦 Aero

This vulnerability allows remote attackers to bypass authentication protections in Wave 2.0 by brute-forcing OTP, MPIN, or password credentials due to missing rate limiting. Any organization using Wav...

This vulnerability allows authenticated attackers to bypass OTP verification in Aero's authentication system by intercepting and manipulating responses during second-factor authentication. It affects ...

This vulnerability allows authenticated attackers to send unlimited OTP requests through a vulnerable API endpoint in Wave 2.0, causing OTP bombing/flooding attacks. This affects systems running Wave ...

This vulnerability in Wave 2.0 allows authenticated attackers to trigger error messages containing sensitive information by sending invalid inputs to a specific API endpoint. The information disclosur...