Several flaws affecting the Fizikal platform could be chained to bypass security checks, enumerate users, bruteforce the one-time password (OTP) for logging in, and get access to a user's account.
Support the originator by clicking the read the rest link below.