CVE-2021-31646
CRITICALgestsup < 3.2.10 - Account Takeover via Weak Password Recovery Token
Title source: llmDescription
Gestsup before 3.2.10 allows account takeover through the password recovery functionality (remote). The affected component is the file forgot_pwd.php - it uses a weak algorithm for the generation of password recovery tokens (the PHP uniqueid function), allowing a brute force attack.
References (3)
Core 3
Core References
Patch, Vendor Advisory x_refsource_misc
https://gestsup.fr/index.php?page=download
Broken Link, Third Party Advisory x_refsource_misc
https://dojo.maltem.ca/public/advisories/CVE-2021-31646.html
Patch, Vendor Advisory x_refsource_misc
https://gestsup.fr/index.php?page=download&channel=beta&version=3.2.10&type=patch
Scores
CVSS v3
9.8
EPSS
0.0134
EPSS Percentile
67.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-307
Status
published
Products (1)
gestsup/gestsup
< 3.2.10
Published
Apr 26, 2021
Tracked Since
Feb 18, 2026