1. Home
  2. CVE Database
  3. CVE-2025-28128
HIGH · 7.0

CVE-2025-28128

An issue in Mytel Telecom Online Account System v1.0 allows attackers to bypass the OTP verification process via a crafted request.

Vulnerability Description

An issue in Mytel Telecom Online Account System v1.0 allows attackers to bypass the OTP verification process via a crafted request.

CVSS Score

7.0

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
LOW
Availability
LOW

Affected Products

VendorProductVersions
MytelTelecom Online Account System1.0

Related Weaknesses (CWE)

CWE-290

References

FAQ

What is CVE-2025-28128?

CVE-2025-28128 is a vulnerability with a CVSS score of 7.0 (HIGH). An issue in Mytel Telecom Online Account System v1.0 allows attackers to bypass the OTP verification process via a crafted request.

How severe is CVE-2025-28128?

CVE-2025-28128 has been rated HIGH with a CVSS base score of 7.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-28128?

Check the references section above for vendor advisories and patch information. Affected products include: Mytel Telecom Online Account System.