7.3 CVE-2026-15479
A vulnerability was found in H3C NX15 V100R017. Affected by this vulnerability is the function change_passwd of the file /api/login/modify of the component Administrator Password Modification Endpoint. The manipulation of the argument newPass results in weak password recovery. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure.
https://nvd.nist.gov/vuln/detail/CVE-2026-15479
Categories
CWE-640 : Weak Password Recovery Mechanism for Forgotten Password
The product contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak. Make sure that all input supplied by the user to the password recovery mechanism is thoroughly filtered and validated. Do not use standard weak security questions and use several security questions. Make sure that there is throttling on the number of incorrect answers to a security question. Disable the password recovery functionality after a certain (small) number of incorrect guesses. Require that the user properly answers the security question prior to resetting their password and sending the new password to the e-mail address of record. Never allow the user to control what e-mail address the new password will be sent to in the password recovery mechanism. Assign a new temporary password rather than revealing the original password. password reset functionality for a WordPress plugin allows a brute force attack of the one-time password password reset functionality for a WordPress plugin allows a brute force attack of the one-time password password recovery mechanism for AI developer toolkit does not invalidate the reset password token after it is used, allowing attackers to reuse the token to change passwords of victims web conference product resets passwords to random 8-digit values, allowing brute force attacks by retrieving the hash
References
AFFECTED (from MITRE)
| Vendor |
Product |
Versions |
| H3C |
NX15 |
|
| © 2022 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation. |
CPE
REMEDIATION
EXPLOITS
Exploit-db.com
| id |
description |
date |
|
| No known exploits |
POC Github
Other Nist (github, ...)
CAPEC
Common Attack Pattern Enumerations and Classifications
| id |
description |
severity |
| 50 |
Password Recovery Exploitation
An attacker may take advantage of the application feature to help users recover their forgotten passwords in order to gain access into the system with the same privileges as the original user. Generally password recovery schemes tend to be weak and insecure. Understand the password recovery mechanism and how it works. Find a weakness in the password recovery mechanism and exploit it. For instance, a weakness may be that a standard single security question is used with an easy to determine answer. |
High |
Cybersecurity needs ?
Strengthen software security from the outset with our DevSecOps expertise
Integrate security right from the start of the software development cycle for more robust applications and greater customer confidence.
Our team of DevSecOps experts can help you secure your APIs, data pipelines, CI/CD chains, Docker containers and Kubernetes deployments.
Discover this offer