During the API security testing, we successfully executed a brute-force attack on this API. Although we were unable to identify an OTP to bypass this verification, we discovered that this API is vulnerable to brute-force attacks. We observed that the system does not block repeated requests, allowing the attack to run continuously. This poses a significant risk of downtime for both the database server and the application server

During the API security testing, we successfully executed a brute-force attack on this API. Although we were unable to identify an OTP to bypass this verification, we discovered that this API is vulnerable to brute-force attacks. We observed that the system does not block repeated requests, allowing the attack to run continuously. This poses a significant risk of downtime for both the database server and the application server

During the API security testing, we successfully executed a brute-force attack on this API. Although we were unable to identify an OTP to bypass this verification, we discovered that this API is vulnerable to brute-force attacks. We observed that the system does not block repeated requests, allowing the attack to run continuously. This poses a significant risk of downtime for both the database server and the application server