Safety vulnerability ID: 72256
The information on this page was manually curated by our Cybersecurity Intelligence Team.
BlastRADIUS impacts eduMFA due to unchecked Message-Authenticator attributes. An attacker can initiate an authentication flow using a RADIUS-backed token, intercept the RADIUS packet sent by eduMFA, and alter the response from the RADIUS server. This manipulation can deceive eduMFA into accepting the token as valid, even if the RADIUS server originally responded with a rejection.
Latest version: 2.5.0
eduMFA: identity, multifactor authentication (OTP), authorization, audit
This vulnerability has no description
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application