CVE & Exploit Intelligence Database

CVE-2024-38287 9.8 CRITICAL EPSS 0.01

The password-reset mechanism in the Forgot Password functionality in R-HUB TurboMeeting through 8.x allows unauthenticated remote attackers to force the application into resetting the administrator's password to a random insecure 8-digit value.

CWE-640 Jul 25, 2024

CVE-2024-38468 9.8 CRITICAL EPSS 0.00

Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized password resets via the resetPassword API.

CWE-640 Jun 16, 2024

CVE-2023-7264 8.1 HIGH EPSS 0.02

The Build App Online plugin for WordPress is vulnerable to account takeover due to a weak password reset mechanism in all versions up to, and including, 1.0.21. This makes it possible for unauthenticated attackers to reset the password of arbitrary users by guessing an 4-digit numeric reset code.

CWE-640 Jun 11, 2024

CVE-2024-36407 3.7 LOW EPSS 0.00

SuiteCRM is an open-source Customer Relationship Management (CRM) software application. In versions prior to 7.14.4 and 8.6.1, a user password can be reset from an unauthenticated attacker. The attacker does not get access to the new password. But this can be annoying for the user. This attack is also dependent on some password reset functionalities being enabled. It also requires the system using php 7, which is not an officially supported version. Versions 7.14.4 and 8.6.1 contain a fix for this issue.

CWE-640 Jun 10, 2024

CVE-2024-5277 7.5 HIGH EPSS 0.00

In lunary-ai/lunary version 1.2.4, a vulnerability exists in the password recovery mechanism where the reset password token is not invalidated after use. This allows an attacker who compromises the recovery token to repeatedly change the password of a victim's account. The issue lies in the backend's handling of the reset password process, where the token, once used, is not discarded or invalidated, enabling its reuse. This vulnerability could lead to unauthorized account access if an attacker obtains the recovery token.

CWE-640 Jun 06, 2024

CVE-2024-5404 9.8 CRITICAL EPSS 0.01

An unauthenticated remote attacker can change the admin password in a moneo appliance due to weak password recovery mechanism.

CWE-640 Jun 03, 2024

CVE-2023-35717 8.8 HIGH EPSS 0.00

TP-Link Tapo C210 Password Recovery Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of TP-Link Tapo C210 IP cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the password recovery mechanism. The issue results from reliance upon the secrecy of the password derivation algorithm when generating a recovery password. An attacker can leverage this vulnerability to bypass authentication on the system. . Was ZDI-CAN-20484.

CWE-640 May 03, 2024

CVE-2024-33530 7.5 HIGH EPSS 0.00

In Jitsi Meet before 9391, a logic flaw in password-protected Jitsi meetings (that make use of a lobby) leads to the disclosure of the meeting password when a user is invited to a call after waiting in the lobby.

CWE-640 May 02, 2024

CVE-2024-27899 8.8 HIGH EPSS 0.00

Self-Registration and Modify your own profile in User Admin Application of NetWeaver AS Java does not enforce proper security requirements for the content of the newly defined security answer. This can be leveraged by an attacker to cause profound impact on confidentiality and low impact on both integrity and availability.

CWE-640 Apr 09, 2024

CVE-2024-2862 9.1 CRITICAL EXPLOITED NUCLEI EPSS 0.79

This vulnerability allows remote attackers to reset the password of anonymous users without authorization on the affected LG LED Assistant.

CWE-287 Mar 25, 2024

CVE-2024-2463 8.0 HIGH EPSS 0.00

Weak password recovery mechanism in CDeX application allows to retrieve password reset token.This issue affects CDeX application versions through 5.7.1.

CWE-640 Mar 21, 2024

CVE-2024-24903 8.0 HIGH EPSS 0.00

Dell Secure Connect Gateway (SCG) Policy Manager, version 5.10+, contain a weak password recovery mechanism for forgotten passwords. An adjacent network low privileged attacker could potentially exploit this vulnerability, leading to unauthorized access to the application with privileges of the compromised account. The attacker could retrieve the reset password token without authorization and then perform the password change.

CWE-640 Mar 01, 2024

CVE-2021-29038 6.3 MEDIUM EPSS 0.00

Liferay Portal 7.2.0 through 7.3.5, and older unsupported versions, and Liferay DXP 7.3 before fix pack 1, 7.2 before fix pack 17, and older unsupported versions does not obfuscate password reminder answers on the page, which allows attackers to use man-in-the-middle or shoulder surfing attacks to steal user's password reminder answers.

CWE-640 Feb 20, 2024

CVE-2024-22454 8.8 HIGH EPSS 0.01

Dell PowerProtect Data Manager, version 19.15 and prior versions, contain a weak password recovery mechanism for forgotten passwords. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to unauthorized access to the application with privileges of the compromised account. The attacker could retrieve the reset password token without authorization and then perform the password change

CWE-640 Feb 13, 2024

CVE-2024-0491 5.3 MEDIUM EPSS 0.00

A vulnerability classified as problematic has been found in Huaxia ERP up to 3.1. Affected is an unknown function of the file src/main/java/com/jsh/erp/controller/UserController.java. The manipulation leads to weak password recovery. It is possible to launch the attack remotely. Upgrading to version 3.2 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-250596.

CWE-640 Jan 13, 2024

CVE-2023-7028 10.0 CRITICAL KEV 19 PoCs Analysis NUCLEI EPSS 0.93

An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to an unverified email address.

CWE-640 Jan 12, 2024

CVE-2024-0425 5.3 MEDIUM 1 Writeup EPSS 0.00

A vulnerability classified as critical was found in ForU CMS up to 2020-06-23. This vulnerability affects unknown code of the file /admin/index.php?act=reset_admin_psw. The manipulation leads to weak password recovery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250444.

CWE-640 Jan 11, 2024

CVE-2023-50172 5.3 MEDIUM EPSS 0.00

A recovery notification bypass vulnerability exists in the userRecoverPass.php captcha validation functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to the silent creation of a recovery pass code for any user.

CWE-640 Jan 10, 2024

CVE-2023-49589 8.8 HIGH EPSS 0.00

An insufficient entropy vulnerability exists in the userRecoverPass.php recoverPass generation functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to an arbitrary user password recovery. An attacker can send an HTTP request to trigger this vulnerability.

CWE-640 Jan 10, 2024

CVE-2024-0186 3.7 LOW EPSS 0.00

A vulnerability classified as problematic has been found in HuiRan Host Reseller System up to 2.0.0. Affected is an unknown function of the file /user/index/findpass?do=4 of the component HTTP POST Request Handler. The manipulation leads to weak password recovery. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249444.

CWE-640 Jan 02, 2024