Primary

Context

RupeeWeb Trading Platform Insufficient Authorization Vulnerability Allowing Unauthorized Information Modification

Vulnerability

A vulnerability has been identified in the RupeeWeb trading platform, all versions prior to 66.9, due to inadequate authorization controls on certain API endpoints that manage addition and deletion operations. This vulnerability could enable an authenticated remote attacker to alter information associated with other user accounts.

Impact

Exploitation of this vulnerability could result in unauthorized modification of user account information.

Remediation

Users are advised to upgrade RupeeWeb to version 66.9.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

5.2

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

5.2

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

RupeeWeb Trading Platform Insufficient Authorization Vulnerability Allowing Unauthorized Information Modification

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating