CWE-640 — Weak Password Recovery Mechanism for Forgotten Password
245 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE.
CVEs classified under CWE-640 (page 4 of 5)
- CVE-2024-22454 | HIGH | CVSS 8.8 | EG 8.8 | 2024-02-13
Dell PowerProtect Data Manager, version 19.15 and prior versions, contain a weak password recovery mechanism for forgotten passwords. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to unauthorized …
- CVE-2024-2463 | HIGH | CVSS 8.0 | EG 8.0 | 2024-03-21
Weak password recovery mechanism in CDeX application allows retrieval of the password reset token. This issue affects CDeX application versions through 5.7.1.
- CVE-2024-24903 | HIGH | CVSS 8.0 | EG 8.0 | 2024-03-01
Dell Secure Connect Gateway (SCG) Policy Manager, version 5.10+, contains a weak password recovery mechanism for forgotten passwords. An adjacent network low privileged attacker could potentially exploit this vulnerability, leading to unaut…
- CVE-2024-27899 | HIGH | CVSS 8.8 | EG 8.8 | 2024-04-09
Self-Registration and Modify your own profile in User Admin Application of NetWeaver AS Java does not enforce proper security requirements for the content of the newly defined security answer. This can be leveraged by an attacker to cause…
- CVE-2024-2862 | CRITICAL | CVSS 9.1 | EG 9.1 | 2024-03-25
This vulnerability allows remote attackers to reset the password of anonymous users without authorization on the affected LG LED Assistant.
- CVE-2024-32642 | HIGH | CVSS 8.8 | EG 8.8 | 2025-12-03
Masa CMS is an open source Enterprise Content Management platform. Prior to 7.2.8, 7.3.13, and 7.4.6, it is vulnerable to host header poisoning which allows account takeover via password reset email. This vulnerability is fixed in 7.2.8…
- CVE-2024-33530 | HIGH | CVSS 7.5 | EG 7.5 | 2024-05-02
In Jitsi Meet before 9391, a logic flaw in password-protected Jitsi meetings (that make use of a lobby) leads to the disclosure of the meeting password when a user is invited to a call after waiting in the lobby.
- CVE-2024-36407 | LOW | CVSS 3.7 | EG 3.7 | 2024-06-10
SuiteCRM is an open-source Customer Relationship Management (CRM) software application. In versions prior to 7.14.4 and 8.6.1, a user password can be reset by an unauthenticated attacker. The attacker does not get access to the new passw…
- CVE-2024-38287 | CRITICAL | CVSS 9.8 | EG 9.8 | 2024-07-25
The password-reset mechanism in the Forgot Password functionality in R-HUB TurboMeeting through 8.x allows unauthenticated remote attackers to force the application into resetting the administrator's password to a random insecure 8-digit v…
- CVE-2024-38468 | CRITICAL | CVSS 9.8 | EG 9.8 | 2024-06-16
Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized password resets via the resetPassword API.
- CVE-2024-42915 | HIGH | CVSS 8.0 | EG 8.0 | 2024-08-23
A host header injection vulnerability in Staff Appraisal System v1.0 allows attackers to obtain the password reset token via user interaction with a crafted password reset link. This will allow attackers to arbitrarily reset other users' p…
- CVE-2024-43190 | MEDIUM | CVSS 5.9 | EG 5.9 | 2025-07-07
IBM Engineering Requirements Management DOORS 9.7.2.9, under certain configurations, could allow a remote attacker to obtain password reset instructions of a legitimate user using man in the middle techniques.
- CVE-2024-45670 | MEDIUM | CVSS 5.6 | EG 5.6 | 2024-11-14
IBM Security SOAR 51.0.1.0 and earlier contains a mechanism for users to recover or change their passwords without knowing the original password, but the user account must be compromised prior to the weak recovery mechanism.
- CVE-2024-45980 | HIGH | CVSS 8.8 | EG 8.8 | 2024-09-26
A host header injection vulnerability in MEANStore 1.0 allows attackers to obtain the password reset token via user interaction with a crafted password reset link. This allows attackers to arbitrarily reset other users' passwords and compr…
- CVE-2024-47547 | CRITICAL | CVSS 9.4 | EG 9.4 | 2024-12-06
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contain a weak mechanism for its users to change their passwords which leaves authentication vulnerable to brute force attacks.
- CVE-2024-48428 | CRITICAL | CVSS 9.8 | EG 9.8 | 2024-10-25
An issue in Olive VLE allows an attacker to obtain sensitive information via the reset password function.
- CVE-2024-50356 | NONE | CVSS 0.0 | EG 0.0 | 2024-10-31
Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service (SaaS). The password could be reset by anyone who has access to the mail inbox, circumventing the 2FA. Even tho…
- CVE-2024-5277 | HIGH | CVSS 7.5 | EG 6.4 | 2024-06-06
In lunary-ai/lunary version 1.2.4, a vulnerability exists in the password recovery mechanism where the reset password token is not invalidated after use. This allows an attacker who compromises the recovery token to repeatedly change the p…
- CVE-2024-53552 | CRITICAL | CVSS 9.8 | EG 9.8 | 2024-12-10
CrushFTP 10 before 10.8.3 and 11 before 11.2.3 mishandles password reset, leading to account takeover.
- CVE-2024-5404 | CRITICAL | CVSS 9.8 | EG 9.8 | 2024-06-03
An unauthenticated remote attacker can change the admin password in a moneo appliance due to a weak password recovery mechanism.
- CVE-2024-6125 | HIGH | CVSS 8.1 | EG 8.1 | 2024-06-19
The Login with phone number plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 1.7.34. This is due to the plugin generating too weak a reset code, and the code used to reset the password has…
- CVE-2024-6203 | HIGH | CVSS 8.3 | EG 8.3 | 2024-08-06
HaloITSM versions up to 2.146.1 are affected by a Password Reset Poisoning vulnerability. Poisoned password reset links can be sent to existing HaloITSM users (given their email address is known). When these poisoned links get accessed (e.…
- CVE-2024-8692 | MEDIUM | CVSS 5.3 | EG 5.3 | 2024-09-11
A vulnerability classified as critical was found in TDuckCloud TDuckPro up to 6.3. Affected by this vulnerability is an unknown functionality. The manipulation leads to weak password recovery. The attack can be launched remotely. The explo…
- CVE-2024-8878 | CRITICAL | CVSS 9.8 | EG 9.8 | 2024-09-25
The password recovery mechanism for the forgotten password in Riello Netman 204 allows an attacker to reset the admin password and take over control of the device. This issue affects Netman 204: through 4.05.
- CVE-2024-9302 | HIGH | CVSS 8.1 | EG 8.1 | 2024-10-25
The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.3.7. This is due to the verify_otp_forgot_password()…
- CVE-2024-9305 | HIGH | CVSS 8.1 | EG 8.1 | 2024-10-16
The AppPresser – Mobile App Framework plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.4.4. This is due to the appp_reset_password() and validate_reset_password() fun…
- CVE-2024-9907 | LOW | CVSS 3.7 | EG 3.7 | 2024-10-13
A vulnerability classified as problematic was found in QileCMS up to 1.1.3. This vulnerability affects the function sendEmail of the file /qilecms/user/controller/Forget.php of the component Verification Code Handler. The manipulation lead…
- CVE-2025-0331 | MEDIUM | CVSS 5.3 | EG 5.3 | 2025-01-09
A vulnerability, which was classified as critical, has been found in YunzMall up to 2.4.2. This issue affects the function changePwd of the file /app/platform/controllers/ResetpwdController.php of the component HTTP POST Request Handler. T…
- CVE-2025-10127 | CRITICAL | CVSS 9.8 | EG 7.3 | 2025-09-11
Daikin Europe N.V Security Gateway is vulnerable to an authorization bypass through a user-controlled key vulnerability that could allow an attacker to bypass authentication. An unauthorized attacker could access the system without pri…
- CVE-2025-10322 | MEDIUM | CVSS 5.3 | EG 5.3 | 2025-09-12
A vulnerability has been found in Wavlink WL-WN578W2 221110. The affected element is an unknown function of the file /sysinit.html. The manipulation of the argument newpass/confpass leads to weak password recovery. The attack is possible t…
- CVE-2025-1231 | MEDIUM | CVSS 5.4 | EG 5.4 | 2025-02-11
Improper password reset in PAM Module in Devolutions Server 2024.3.10.0 and earlier allows an authenticated user to reuse the oracle user password after check-in due to a crash in the password reset functionality.
- CVE-2025-12866 | CRITICAL | CVSS 9.8 | EG 9.8 | 2025-11-10
EIP Plus developed by Hundred Plus has a Weak Password Recovery Mechanism vulnerability, allowing an unauthenticated remote attacker to predict or brute-force the 'forgot password' link, thereby successfully resetting any user's password.
- CVE-2025-13565 | MEDIUM | CVSS 5.3 | EG 5.3 | 2025-11-23
A weakness has been identified in SourceCodester Inventory Management System 1.0. The affected element is an unknown function of the file /model/user/resetPassword.php. Executing manipulation can lead to weak password recovery. The attack …
- CVE-2025-14696 | MEDIUM | CVSS 5.3 | EG 5.3 | 2025-12-15
A vulnerability was identified in Shenzhen Sixun Software Sixun Shanghui Group Business Management System 4.10.24.3. Affected by this vulnerability is an unknown functionality of the file /api/GylOperator/UpdatePasswordBatch. The manipulat…
- CVE-2025-14783 | MEDIUM | CVSS 4.3 | EG 4.3 | 2025-12-31
The Easy Digital Downloads plugin for WordPress is vulnerable to Unvalidated Redirect in all versions up to, and including, 3.6.2. This is due to insufficient validation on the redirect url supplied via the 'edd_redirect' parameter. This m…
- CVE-2025-15398 | LOW | CVSS 3.7 | EG 3.7 | 2025-12-31
A security vulnerability has been detected in Uasoft badaso up to 2.9.7. Affected is the function forgetPassword of the file src/Controllers/BadasoAuthController.php of the component Token Handler. Such manipulation leads to weak password …
- CVE-2025-1570 | HIGH | CVSS 8.1 | EG 8.1 | 2025-02-28
The Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 8.1. This is due to the directorist_ge…
- CVE-2025-2093 | LOW | CVSS 3.1 | EG 3.1 | 2025-03-07
A vulnerability was found in PHPGurukul Online Library Management System 3.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /change-password.php. The manipulation of the argumen…
- CVE-2025-22144 | CRITICAL | CVSS 9.8 | EG 9.8 | 2025-01-13
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. A user with admincp.core.emails or admincp.users.edit permissions can validate users and an attacker can reset their password. When the account is success…
- CVE-2025-29995 | HIGH | CVSS 8.3 | EG 0.0 | 2025-03-13
This vulnerability exists in the CAP back office application due to a weak password-reset mechanism implemented at API endpoints. An authenticated remote attacker with a valid login ID could exploit this vulnerability through vulnerable AP…
- CVE-2025-31380 | CRITICAL | CVSS 9.8 | EG 9.8 | 2025-04-17
Weak Password Recovery Mechanism for Forgotten Password vulnerability in videowhisper Paid Videochat Turnkey Site ppv-live-webcams allows Password Recovery Exploitation. This issue affects Paid Videochat Turnkey Site: from n/a through <= 7.…
- CVE-2025-32486 | CRITICAL | CVSS 9.8 | EG 9.8 | 2025-09-09
Weak Password Recovery Mechanism for Forgotten Password vulnerability in Hossein Material Dashboard material-dashboard. This issue affects Material Dashboard: from n/a through <= 1.4.6.
- CVE-2025-36579 | MEDIUM | CVSS 5.1 | EG 5.1 | 2026-04-16
Dell Client Platform BIOS contains a Weak Password Recovery Mechanism vulnerability. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability, leading to unauthorized access.
- CVE-2025-3849 | MEDIUM | CVSS 4.3 | EG 4.3 | 2025-04-22
A vulnerability classified as problematic was found in YXJ2018 SpringBoot-Vue-OnlineExam 1.0. This vulnerability affects unknown code of the file /api/studentPWD. The manipulation of the argument studentId leads to unverified password chan…
- CVE-2025-41251 | HIGH | CVSS 8.1 | EG 8.1 | 2025-09-29
VMware NSX contains a weak password recovery mechanism vulnerability. An unauthenticated malicious actor may exploit this to enumerate valid usernames, potentially enabling brute-force attacks. Impact: Username enumeration → credential…
- CVE-2025-4319 | CRITICAL | CVSS 9.4 | EG 9.4 | 2026-01-23
Improper Restriction of Excessive Authentication Attempts, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Birebirsoft Software and Technology Solutions Sufirmam allows Brute Force, Password Recovery Exploitation.T…
- CVE-2025-4320 | CRITICAL | CVSS 10.0 | EG 10.0 | 2026-01-23
Authentication Bypass by Primary Weakness, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Birebirsoft Software and Technology Solutions Sufirmam allows Authentication Bypass, Password Recovery Exploitation. This is…
- CVE-2025-43931 | CRITICAL | CVSS 9.8 | EG 9.8 | 2025-07-07
flask-boilerplate through a170e7c allows account takeover via the password reset feature because SERVER_NAME is not configured and thus a reset depends on the Host HTTP header.
- CVE-2025-43932 | CRITICAL | CVSS 9.8 | EG 9.8 | 2025-07-07
JobCenter through 7e7b0b2 allows account takeover via the password reset feature because SERVER_NAME is not configured and thus a reset depends on the Host HTTP header.
- CVE-2025-4552 | MEDIUM | CVSS 5.4 | EG 5.4 | 2025-05-12
A vulnerability has been found in ContiNew Admin up to 3.6.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /dev-api/system/user/1/password. The manipulation leads to unverified passwo…