Total
43 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-13375 | 2025-01-21 | 9.8 Critical | ||
| The Adifier System plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.1.7. This is due to the plugin not properly validating a user's identity prior to updating their details like password through the adifier_recover() function. This makes it possible for unauthenticated attackers to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account. | ||||
| CVE-2024-34077 | 1 Mantisbt | 1 Mantisbt | 2025-01-16 | 7.3 High |
| MantisBT (Mantis Bug Tracker) is an open source issue tracker. Insufficient access control in the registration and password reset process allows an attacker to reset another user's password and takeover their account, if the victim has an incomplete request pending. The exploit is only possible while the verification token is valid, i.e for 5 minutes after the confirmation URL sent by e-mail has been opened, and the user did not complete the process by updating their password. A brute-force attack calling account_update.php with increasing user IDs is possible. A successful takeover would grant the attacker full access to the compromised account, including sensitive information and functionalities associated with the account, the extent of which depends on its privileges and the data it has access to. Version 2.26.2 contains a patch for the issue. As a workaround, one may mitigate the risk by reducing the verification token's validity (change the value of the `TOKEN_EXPIRY_AUTHENTICATED` constant in `constants_inc.php`). | ||||
| CVE-2018-8916 | 1 Synology | 1 Diskstation Manager | 2025-01-14 | N/A |
| Unverified password change vulnerability in Change Password in Synology DiskStation Manager (DSM) before 6.2-23739 allows remote authenticated users to reset password without verification. | ||||
| CVE-2023-3069 | 1 Corebos | 1 Corebos | 2025-01-08 | 9.8 Critical |
| Unverified Password Change in GitHub repository tsolucio/corebos prior to 8. | ||||
| CVE-2024-51493 | 1 Octoprint | 1 Octoprint | 2024-12-18 | 5.3 Medium |
| OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up until and including 1.10.2 contain a vulnerability that allows an attacker that has gained temporary control over an authenticated victim's OctoPrint browser session to retrieve/recreate/delete the user's or - if the victim has admin permissions - the global API key without having to reauthenticate by re-entering the user account's password. An attacker could use a stolen API key to access OctoPrint through its API, or disrupt workflows depending on the API key they deleted. This vulnerability will be patched in version 1.10.3 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2024-28143 | 2024-12-13 | 8.4 High | ||
| The password change function at /cgi/admin.cgi does not require the current/old password, which makes the application vulnerable to account takeover. An attacker can use this to forcefully set a new password within the -rsetpass+-aaction+- parameter for a user without knowing the old password, e.g. by exploiting a CSRF issue. | ||||
| CVE-2024-37998 | 2024-11-21 | 9.8 Critical | ||
| A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V5.40), SICORE Base system (All versions < V1.4.0). The password of administrative accounts of the affected applications can be reset without requiring the knowledge of the current password, given the auto login is enabled. This could allow an unauthorized attacker to obtain administrative access of the affected applications. | ||||
| CVE-2024-33699 | 2 Level1, Levelone | 3 Wbr-6012, Wbr-6012 Firmware, Wbr-6012 | 2024-11-21 | 9.9 Critical |
| The LevelOne WBR-6012 router's web application has a vulnerability in its firmware version R0.40e6, allowing attackers to change the administrator password and gain higher privileges without the current password. | ||||
| CVE-2024-26520 | 1 Xiongwei Technology | 1 Restaurant Digital Comprehensive Management | 2024-11-21 | 9.8 Critical |
| An issue in Hangzhou Xiongwei Technology Development Co., Ltd. Restaurant Digital Comprehensive Management platform v1 allows an attacker to bypass authentication and perform arbitrary password resets. | ||||
| CVE-2024-23637 | 1 Octoprint | 1 Octoprint | 2024-11-21 | 4.2 Medium |
| OctoPrint is a web interface for 3D printer.s OctoPrint versions up until and including 1.9.3 contain a vulnerability that allows malicious admins to change the password of other admin accounts, including their own, without having to repeat their password. An attacker who managed to hijack an admin account might use this to lock out actual admins from their OctoPrint instance. The vulnerability will be patched in version 1.10.0. | ||||
| CVE-2023-5844 | 1 Pimcore | 1 Admin Classic Bundle | 2024-11-21 | 7.2 High |
| Unverified Password Change in GitHub repository pimcore/admin-ui-classic-bundle prior to 1.2.0. | ||||
| CVE-2023-4465 | 1 Poly | 8 Ccx 400, Ccx 400 Firmware, Ccx 600 and 5 more | 2024-11-21 | 2.7 Low |
| A vulnerability, which was classified as problematic, was found in Poly Trio 8300, Trio 8500, Trio 8800, Trio C60, CCX 350, CCX 400, CCX 500, CCX 505, CCX 600, CCX 700, EDGE E100, EDGE E220, EDGE E300, EDGE E320, EDGE E350, EDGE E400, EDGE E450, EDGE E500, EDGE E550, VVX 101, VVX 150, VVX 201, VVX 250, VVX 300, VVX 301, VVX 310, VVX 311, VVX 350, VVX 400, VVX 401, VVX 410, VVX 411, VVX 450, VVX 500, VVX 501, VVX 600 and VVX 601. Affected is an unknown function of the component Configuration File Import. The manipulation of the argument device.auth.localAdminPassword leads to unverified password change. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-249258 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-4381 | 1 Instantcms | 1 Instantcms | 2024-11-21 | 4.3 Medium |
| Unverified Password Change in GitHub repository instantsoft/icms2 prior to 2.16.1-git. | ||||
| CVE-2022-3152 | 1 Php-fusion | 1 Phpfusion | 2024-11-21 | 8.8 High |
| Unverified Password Change in GitHub repository phpfusion/phpfusion prior to 9.10.20. | ||||
| CVE-2022-2930 | 1 Octoprint | 1 Octoprint | 2024-11-21 | 7.8 High |
| Unverified Password Change in GitHub repository octoprint/octoprint prior to 1.8.3. | ||||
| CVE-2022-21935 | 1 Johnsoncontrols | 3 Metasys Application And Data Server, Metasys Extended Application And Data Server, Metasys Open Application Server | 2024-11-21 | 7.5 High |
| A vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 allows unverified password change. | ||||
| CVE-2022-21934 | 1 Johnsoncontrols | 3 Metasys Application And Data Server, Metasys Extended Application And Data Server, Metasys Open Application Server | 2024-11-21 | 8 High |
| Under certain circumstances an authenticated user could lock other users out of the system or take over their accounts in Metasys ADS/ADX/OAS server 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS server 11 versions prior to 11.0.2. | ||||
| CVE-2021-34786 | 1 Cisco | 1 Broadworks Commpilot Application Software | 2024-11-21 | 6.5 Medium |
| Multiple vulnerabilities in Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to delete arbitrary user accounts or gain elevated privileges on an affected system. | ||||
| CVE-2021-34785 | 1 Cisco | 1 Broadworks Commpilot Application Software | 2024-11-21 | 6.5 Medium |
| Multiple vulnerabilities in Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to delete arbitrary user accounts or gain elevated privileges on an affected system. | ||||
| CVE-2021-22773 | 1 Schneider-electric | 12 Evlink City Evc1s22p4, Evlink City Evc1s22p4 Firmware, Evlink City Evc1s7p4 and 9 more | 2024-11-21 | 6.5 Medium |
| A CWE-620: Unverified Password Change vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1 ) that could allow an attacker connected to the charging station web server to modify the password of a user. | ||||