CNNVD-202508-2328 Information

CNNVD ID

CNNVD-202508-2328

Related CVE

CVE-2025-50503

• CNNVD Published: 2025-08-20

Description (Chinese)

Touch Lebanon Mobile App是黎巴嫩Touch公司的一款免费应用程序。 Touch Lebanon Mobile App 2.20.2版本存在安全漏洞，该漏洞源于密码重置流程存在缺陷，可能导致绕过OTP机制。

Description (English)

Touch Lebanon Mobile App is a free application by Touch Lebanon. There is a security loophole in version 2.20.2 of Touch Lebanon Mobile App, which stems from deficiencies in the password replacement process, which could lead to circumvention of the OTP mechanism.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Touch

Published

2025-08-20

Last Modified

2026-02-24

References

https://www.touch.com.lb/autoforms/portal/touch/personal/contentandapps/mobileapp https://github.com/ksarieddine/disclosures/blob/main/Touch%20Mobile%20Application/2FA%20Bypass%20-%20Touch%20Lebanon.md https://nvd.nist.gov/vuln/detail/CVE-2025-50503 https://access.redhat.com/security/cve/cve-2025-50503