THREATOPS
THREAT OPSThreat News › [GHSA] GHSA-c67f-gmxw-mj93 (critical) — FacturaScripts: Account takeover of any 2FA-enabled user

[GHSA] GHSA-c67f-gmxw-mj93 (critical) — FacturaScripts: Account takeover of any 2FA-enabled user

medgithub_advisoriesPublished 2026-07-13

GHSA-c67f-gmxw-mj93 Severity: critical CVE: CVE-2026-47677

FacturaScripts: Account takeover of any 2FA-enabled user

# Authentication bypass in FacturaScripts: `/login?action=two-factor-validation` accepts brute-forceable TOTP without password or CSRF protection

## Summary

`Core/Controller/Login.php::twoFactorValidationAction()` accepts an unauthenticated POST containing only `fsNick` and `fsTw

Indicators of compromise

Original source: https://github.com/advisories/GHSA-c67f-gmxw-mj93