TTLock devices do not properly restrict password-reset attempts, leading to incorrect access control and disclosure of sensitive information about valid account names.Referenceshttps://www.kth.se/polopoly_fs/1.923564.1568098316%21/Vulnerability_Report_TTLock_Password_Reset.pdf
