Primary

Context

Mobatime AMX MTAPI Missing Authentication and Authorization Vulnerability in Web-API

Vulnerability

A vulnerability in Mobatime AMX MTAPI version 6, running on IIS, allows adversaries to gain unrestricted access to the Web-API via the network due to missing authentication and authorization. This issue has been addressed in version 1.5.

Impact

Exploitation of this vulnerability allows for unauthorized access to the Web-API, potentially leading to unauthorized actions or data exposure.

Remediation

Users are advised to update to Mobatime AMX MTAPI version 1.5. After the update, all data traffic will be encrypted using AES256. For assistance with the update, contact Mobatime support or visit the Mobatime website.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Mobatime AMX MTAPI Missing Authentication and Authorization Vulnerability in Web-API

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating