CVE-2022-26872
8.3HIGH
AMI Megarac Password reset interception via API
AMI Megarac Password reset interception via API
1/30/2023CWE-640, CWE-640
Weakness Type
CWE-640
All CVE vulnerabilities classified under this weakness type.
View on MITRE CWETotal CVEs
50
Critical
18
In KEV
0
With Exploits
0
CVE-2021-27654
7.8HIGH
Forgotten password reset functionality for local accounts can be used to bypass local authentication checks.
Forgotten password reset functionality for local accounts can be used to bypass local authentication checks.
1/28/2022CWE-640, CWE-640
CVE-2022-0777
7.5HIGH
Weak Password Recovery Mechanism for Forgotten Password in GitHub repository microweber/microweber prior to 1.3.
Weak Password Recovery Mechanism for Forgotten Password in GitHub repository microweber/microweber prior to 1.3.
3/1/2022CWE-640, CWE-640
CVE-2024-48428
9.8CRITICAL
An issue in Olive VLE allows an attacker to obtain sensitive information via the reset password function.
An issue in Olive VLE allows an attacker to obtain sensitive information via the reset password function.
10/25/2024CWE-640, CWE-640
CVE-2023-28821
5.3MEDIUM
Concrete CMS (previously concrete5) before 9.1 did not have a rate limit for password resets.
Concrete CMS (previously concrete5) before 9.1 did not have a rate limit for password resets.
4/28/2023CWE-640, CWE-640
CVE-2024-38468
9.8CRITICAL
Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized password resets via the resetPassword API.
Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized password resets via the resetPassword API.
6/16/2024CWE-640, CWE-640
CVE-2022-45637
9.8CRITICAL
An insecure password reset issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 service via insecure expiry mechanism.
An insecure password reset issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 service via insecure expiry mechanism.
3/21/2023CWE-640, CWE-640
CVE-2021-36436
5.3MEDIUM
An issue in Mobicint Backend for Credit Unions v3 allows attackers to retrieve partial email addresses and user entered information via submission to the forgotten-password endpoint.
An issue in Mobicint Backend for Credit Unions v3 allows attackers to retrieve partial email addresses and user entered information via submission to the forgotten-password endpoint.
4/20/2023CWE-640, CWE-640
CVE-2021-22763
9.8CRITICAL
A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists in PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EGX100 and PowerLogic EGX300 (see security notification for
A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists in PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EGX100 and PowerLogic EGX300 (see security notification for ...
6/11/2021CWE-640
CVE-2018-1000812
8.1HIGH
Artica Integria IMS version 5.0 MR56 Package 58, likely earlier versions contains a CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability in Password recovery process, line 45
Artica Integria IMS version 5.0 MR56 Package 58, likely earlier versions contains a CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability in Password recovery process, line 45...
12/20/2018CWE-640
CVE-2024-38287
9.8CRITICAL
The password-reset mechanism in the Forgot Password functionality in R-HUB TurboMeeting through 8.x allows unauthenticated remote attackers to force the application into resetting the administrator's
The password-reset mechanism in the Forgot Password functionality in R-HUB TurboMeeting through 8.x allows unauthenticated remote attackers to force the application into resetting the administrator's ...
7/25/2024CWE-640, CWE-640
CVE-2020-12067
7.5HIGH
In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), a user's password may be changed by an attacker without knowledge of the current password.
In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), a user's password may be changed by an attacker without knowledge of the current password.
12/26/2022CWE-640, CWE-640
CVE-2022-44004
9.8CRITICAL
An issue was discovered in BACKCLICK Professional 5.9.63. Due to insecure design or lack of authentication, unauthenticated attackers can complete the password-reset process for any account and set a
An issue was discovered in BACKCLICK Professional 5.9.63. Due to insecure design or lack of authentication, unauthenticated attackers can complete the password-reset process for any account and set a ...
11/16/2022CWE-640, CWE-640
CVE-2024-12604
6.5MEDIUM
Cleartext Storage of Sensitive Information in an Environment Variable, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Tapandsign Technologies Tap&Sign App allows Password Rec
Cleartext Storage of Sensitive Information in an Environment Variable, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Tapandsign Technologies Tap&Sign App allows Password Rec...
3/10/2025CWE-526, CWE-640 +2
CVE-2022-1073
7.3HIGH
A vulnerability was found in Automatic Question Paper Generator 1.0. It has been declared as critical. An attack leads to privilege escalation. The attack can be launched remotely.
A vulnerability was found in Automatic Question Paper Generator 1.0. It has been declared as critical. An attack leads to privilege escalation. The attack can be launched remotely.
3/29/2022CWE-640, CWE-640
CVE-2018-16529
9.8CRITICAL
A password reset vulnerability has been discovered in Forcepoint Email Security 8.5.x. The password reset URL can be used after the intended expiration period or after the URL has already been used to
A password reset vulnerability has been discovered in Forcepoint Email Security 8.5.x. The password reset URL can be used after the intended expiration period or after the URL has already been used to...
3/28/2019CWE-640, CWE-640
CVE-2024-8878
9.8CRITICAL
The password recovery mechanism for the forgotten password in Riello Netman 204 allows an attacker to reset the admin password and take over control of the device.This issue affects Netman 204: throug
The password recovery mechanism for the forgotten password in Riello Netman 204 allows an attacker to reset the admin password and take over control of the device.This issue affects Netman 204: throug...
9/25/2024CWE-640, CWE-640
CVE-2021-25957
8.8HIGH
In “Dolibarr” application, v2.8.1 to v13.0.2 are vulnerable to account takeover via password reset functionality. A low privileged attacker can reset the password of any user in the application using
In “Dolibarr” application, v2.8.1 to v13.0.2 are vulnerable to account takeover via password reset functionality. A low privileged attacker can reset the password of any user in the application using ...
8/17/2021CWE-640, CWE-640
CVE-2023-31459
8.8HIGH
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect versions 9.6.2208.101 and earlier could allow an unauthenticated attacker with internal network access to authenticate
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect versions 9.6.2208.101 and earlier could allow an unauthenticated attacker with internal network access to authenticate...
5/24/2023CWE-640, CWE-640
CVE-2021-25961
8.0HIGH
In “SuiteCRM” application, v7.1.7 through v7.10.31 and v7.11-beta through v7.11.20 fail to properly invalidate password reset links that is associated with a deleted user id, which makes it possible f
In “SuiteCRM” application, v7.1.7 through v7.10.31 and v7.11-beta through v7.11.20 fail to properly invalidate password reset links that is associated with a deleted user id, which makes it possible f...
9/29/2021CWE-640, CWE-640
CVE-2012-5618
9.8CRITICAL
Ushahidi before 2.6.1 has insufficient entropy for forgot-password tokens.
Ushahidi before 2.6.1 has insufficient entropy for forgot-password tokens.
2/4/2020CWE-640
CVE-2012-5686
9.8CRITICAL
ZPanel 10.0.1 has insufficient entropy for its password reset process.
ZPanel 10.0.1 has insufficient entropy for its password reset process.
2/4/2020CWE-640, CWE-798
CVE-2023-3222
7.5HIGH
Vulnerability in the password recovery mechanism of Password Recovery plugin for Roundcube, in its 1.2 version, which could allow a remote attacker to change an existing user´s password by adding a 6-
Vulnerability in the password recovery mechanism of Password Recovery plugin for Roundcube, in its 1.2 version, which could allow a remote attacker to change an existing user´s password by adding a 6-...
9/4/2023CWE-640, CWE-640
CVE-2019-6560
9.1CRITICAL
In Auto-Maskin RP210E Versions 3.7 and prior, DCU210E Versions 3.7 and prior and Marine Observer Pro (Android App), the software contains a mechanism for users to recover or change their passwords wit
In Auto-Maskin RP210E Versions 3.7 and prior, DCU210E Versions 3.7 and prior and Marine Observer Pro (Android App), the software contains a mechanism for users to recover or change their passwords wit...
3/23/2020CWE-640, CWE-640
CVE-2021-44037
7.5HIGH
Team Password Manager (aka TeamPasswordManager) before 10.135.236 allows password-reset poisoning.
Team Password Manager (aka TeamPasswordManager) before 10.135.236 allows password-reset poisoning.
11/19/2021CWE-640
CVE-2021-36209
9.8CRITICAL
In JetBrains Hub before 2021.1.13389, account takeover was possible during password reset.
In JetBrains Hub before 2021.1.13389, account takeover was possible during password reset.
8/6/2021CWE-640
CVE-2021-37541
6.1MEDIUM
In JetBrains Hub before 2021.1.13402, HTML injection in the password reset email was possible.
In JetBrains Hub before 2021.1.13402, HTML injection in the password reset email was possible.
8/6/2021CWE-74, CWE-640
CVE-2022-27157
9.8CRITICAL
pearweb < 1.32 is suffers from a Weak Password Recovery Mechanism via include/users/passwordmanage.php.
pearweb < 1.32 is suffers from a Weak Password Recovery Mechanism via include/users/passwordmanage.php.
4/15/2022CWE-640
CVE-2021-31912
8.8HIGH
In JetBrains TeamCity before 2020.2.3, account takeover was potentially possible during a password reset.
In JetBrains TeamCity before 2020.2.3, account takeover was potentially possible during a password reset.
5/11/2021CWE-640
CVE-2017-7629
7.5HIGH
QNAP QTS before 4.2.6 build 20170517 has a flaw in the change password function.
QNAP QTS before 4.2.6 build 20170517 has a flaw in the change password function.
6/15/2017CWE-640
CVE-2023-5840
8.8HIGH
Weak Password Recovery Mechanism for Forgotten Password in GitHub repository linkstackorg/linkstack prior to v4.2.9.
Weak Password Recovery Mechanism for Forgotten Password in GitHub repository linkstackorg/linkstack prior to v4.2.9.
10/29/2023CWE-640
CVE-2023-35717
8.8HIGH
TP-Link Tapo C210 Password Recovery Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of TP-Link Tapo C210 IP
TP-Link Tapo C210 Password Recovery Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of TP-Link Tapo C210 IP...
5/3/2024CWE-640, CWE-640
CVE-2023-3007
6.5MEDIUM
A vulnerability was found in ningzichun Student Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file resetPassword.php of the componen
A vulnerability was found in ningzichun Student Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file resetPassword.php of the componen...
5/31/2023CWE-640, CWE-640
CVE-2022-24892
6.4MEDIUM
Shopware is an open source e-commerce software platform. Starting with version 5.0.4 and before version 5.7.9, multiple tokens for password reset can be requested. All tokens can be used to change the
Shopware is an open source e-commerce software platform. Starting with version 5.0.4 and before version 5.7.9, multiple tokens for password reset can be requested. All tokens can be used to change the...
4/28/2022CWE-640, CWE-640
CVE-2024-5404
9.8CRITICAL
An unauthenticated remote attacker can change the admin password in a moneo appliance due to weak password recovery mechanism.
An unauthenticated remote attacker can change the admin password in a moneo appliance due to weak password recovery mechanism.
6/3/2024CWE-640
CVE-2024-5277
7.5HIGH
In lunary-ai/lunary version 1.2.4, a vulnerability exists in the password recovery mechanism where the reset password token is not invalidated after use. This allows an attacker who compromises the re
In lunary-ai/lunary version 1.2.4, a vulnerability exists in the password recovery mechanism where the reset password token is not invalidated after use. This allows an attacker who compromises the re...
6/6/2024CWE-640, CWE-640
CVE-2020-5361
5.1MEDIUM
Select Dell Client Commercial and Consumer platforms support a BIOS password reset capability that is designed to assist authorized customers who forget their passwords. Dell is aware of unauthorized
Select Dell Client Commercial and Consumer platforms support a BIOS password reset capability that is designed to assist authorized customers who forget their passwords. Dell is aware of unauthorized ...
1/4/2021CWE-640, CWE-640
CVE-2024-53552
9.8CRITICAL
CrushFTP 10 before 10.8.3 and 11 before 11.2.3 mishandles password reset, leading to account takeover.
CrushFTP 10 before 10.8.3 and 11 before 11.2.3 mishandles password reset, leading to account takeover.
12/10/2024CWE-640
CVE-2020-27179
9.8CRITICAL
konzept-ix publiXone before 2020.015 allows attackers to take over arbitrary user accounts by crafting password-reset tokens.
konzept-ix publiXone before 2020.015 allows attackers to take over arbitrary user accounts by crafting password-reset tokens.
10/27/2020CWE-640
CVE-2014-6412
8.1HIGH
WordPress before 4.4 makes it easier for remote attackers to predict password-recovery tokens via a brute-force approach.
WordPress before 4.4 makes it easier for remote attackers to predict password-recovery tokens via a brute-force approach.
4/12/2018CWE-640
CVE-2017-8385
5.3MEDIUM
Craft CMS before 2.6.2976 does not prevent modification of the URL in a forgot-password email message.
Craft CMS before 2.6.2976 does not prevent modification of the URL in a forgot-password email message.
5/1/2017CWE-640
CVE-2024-2862
9.1CRITICAL
This vulnerability allows remote attackers to reset the password of anonymous users without authorization on the affected LG LED Assistant.
This vulnerability allows remote attackers to reset the password of anonymous users without authorization on the affected LG LED Assistant.
3/25/2024CWE-287, CWE-640
CVE-2025-53704
7.5HIGH
The password reset mechanism for the Pivot client application is weak, and it may allow an attacker to take over the account.
The password reset mechanism for the Pivot client application is weak, and it may allow an attacker to take over the account.
12/4/2025CWE-640
CVE-2023-35134
7.4HIGH
Weintek Weincloud v0.13.6 could allow an attacker to reset a password with the corresponding account’s JWT token only.
Weintek Weincloud v0.13.6 could allow an attacker to reset a password with the corresponding account’s JWT token only.
7/19/2023CWE-640
CVE-2017-12851
8.8HIGH
An authenticated standard user could reset the password of the admin by altering form data. Affects kanboard before 1.0.46.
An authenticated standard user could reset the password of the admin by altering form data. Affects kanboard before 1.0.46.
8/14/2017CWE-640
CVE-2023-47107
8.8HIGH
PILOS is an open source front-end for BigBlueButton servers with a built-in load balancer. The password reset component deployed within PILOS uses the hostname supplied within the request host header
PILOS is an open source front-end for BigBlueButton servers with a built-in load balancer. The password reset component deployed within PILOS uses the hostname supplied within the request host header ...
11/8/2023CWE-20, CWE-640 +1
CVE-2025-1570
8.1HIGH
The Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including,
The Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including,...
2/28/2025CWE-640, CWE-640
CVE-2024-6203
8.3HIGH
HaloITSM versions up to 2.146.1 are affected by a Password Reset Poisoning vulnerability. Poisoned password reset links can be sent to existing HaloITSM users (given their email address is known). Whe
HaloITSM versions up to 2.146.1 are affected by a Password Reset Poisoning vulnerability. Poisoned password reset links can be sent to existing HaloITSM users (given their email address is known). Whe...
8/6/2024CWE-640, CWE-640
CVE-2024-36407
3.7LOW
SuiteCRM is an open-source Customer Relationship Management (CRM) software application. In versions prior to 7.14.4 and 8.6.1, a user password can be reset from an unauthenticated attacker. The attack
SuiteCRM is an open-source Customer Relationship Management (CRM) software application. In versions prior to 7.14.4 and 8.6.1, a user password can be reset from an unauthenticated attacker. The attack...
6/10/2024CWE-640, CWE-640
CVE-2018-17298
9.8CRITICAL
An issue was discovered in Enalean Tuleap before 10.5. Reset password links are not invalidated after a user changes its password.
An issue was discovered in Enalean Tuleap before 10.5. Reset password links are not invalidated after a user changes its password.
9/21/2018CWE-640
Showing 50 of many CVEs