目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1325

100%
请我们喝杯咖啡

CWE-640 忘记口令恢复机制弱 类漏洞列表 114

CWE-640 忘记口令恢复机制弱 类弱点 114 条 CVE 漏洞汇总,含 AI 中文分析。

CWE-640属于身份验证绕过类漏洞,指应用程序在用户忘记密码时提供的恢复机制存在安全缺陷。攻击者通常利用该弱点,通过猜测简单安全问题、拦截重置链接或暴力破解临时令牌,从而非法重置密码并接管账户。开发者应避免使用可预测的恢复凭据,采用多因素认证、发送一次性动态验证码至受控邮箱或手机,并实施速率限制以增强恢复流程的安全性。

MITRE CWE 官方描述
CWE:CWE-640 遗忘密码的弱密码恢复机制 英文:产品包含一种允许用户在不知道原始密码的情况下恢复或更改密码的机制,但该机制存在弱点。 应用程序通常具备一种机制,以便在用户忘记密码时提供访问其账户的途径。然而,密码恢复机制往往存在弱点,这使得除合法系统用户之外的其他人更有可能获得该用户账户的访问权限。弱密码恢复方案会完全破坏强密码认证方案的有效性。这种弱点可能表现为安全提示问题过于简单,容易被猜测或找到答案(例如,因为问题过于常见,或者答案可以通过社交媒体获取)。或者,密码恢复机制的代码可能存在实现弱点,例如欺骗系统将新密码发送到用户之外的其他电子邮件账户。密码重置的频率可能缺乏速率限制(throttling),导致攻击者通过快速连续尝试恢复密码,从而对合法用户造成服务拒绝(denial of service)。系统可能会向用户发送原始密码,而不是生成新的临时密码。总之,密码恢复功能如果未经过仔细设计和实现,往往会成为系统中最薄弱的环节,可能被滥用,从而使攻击者能够未经授权地访问系统。
常见影响 (3)
Access ControlGain Privileges or Assume Identity
An attacker could gain unauthorized access to the system by retrieving legitimate user's authentication credentials.
AvailabilityDoS: Resource Consumption (Other)
An attacker could deny service to legitimate system users by launching a brute force attack on the password recovery mechanism using user ids of legitimate users.
Integrity, OtherOther
The system's security functionality is turned against the system by the attacker.
缓解措施 (5)
Architecture and DesignMake sure that all input supplied by the user to the password recovery mechanism is thoroughly filtered and validated.
Architecture and DesignDo not use standard weak security questions and use several security questions.
Architecture and DesignMake sure that there is throttling on the number of incorrect answers to a security question. Disable the password recovery functionality after a certain (small) number of incorrect guesses.
Architecture and DesignRequire that the user properly answers the security question prior to resetting their password and sending the new password to the e-mail address of record.
Architecture and DesignNever allow the user to control what e-mail address the new password will be sent to in the password recovery mechanism.
代码示例 (1)
A famous example of this type of weakness being exploited is the eBay attack. eBay always displays the user id of the highest bidder. In the final minutes of the auction, one of the bidders could try to log in as the highest bidder three times. After three incorrect log in attempts, eBay password throttling would kick in and lock out the highest bidder's account for some time. An attacker could th…
CVE ID标题CVSS风险等级Published
CVE-2026-11551 Branda <=3.4.29 未授权权限提升漏洞 — Branda – White Label & Branding, Free Login Page Customizer 9.8 Critical2026-06-19
CVE-2026-56081 Cap-go 2FA配置不当导致账户锁定漏洞 — capgo 9.1 Critical2026-06-19
CVE-2026-12066 PbootCMS 授权问题漏洞 — PbootCMS 7.3 High2026-06-12
CVE-2026-50635 LimeSurvey 授权问题漏洞 — LimeSurvey 8.8 High2026-06-09
CVE-2026-10169 School Student Management System 授权问题漏洞 — School Student Management System 3.7 Low2026-05-31
CVE-2026-7459 WordPress plugin Simple History 授权问题漏洞 — Simple History – Track, Log, and Audit WordPress Changes 7.5 High2026-05-30
CVE-2026-35676 phpMyFAQ 安全漏洞 — phpMyFAQ 8.2 High2026-05-28
CVE-2026-9609 FoxCMS 授权问题漏洞 — FoxCMS 4.7 Medium2026-05-27
CVE-2026-9466 Tiandy Easy7 Integrated Management Platform 授权问题漏洞 — Easy7 Integrated Management Platform 5.3 Medium2026-05-25
CVE-2026-42606 AzuraCast 授权问题漏洞 — AzuraCast 8.1 High2026-05-09
CVE-2026-7652 WordPress plugin LatePoint 授权问题漏洞 — LatePoint – Calendar Booking Plugin for Appointments and Events 5.3 Medium2026-05-09
CVE-2026-29199 phpBB 授权问题漏洞 — phpBB 8.2 -2026-05-04
CVE-2026-7554 D-Link M60 授权问题漏洞 — M60 5.6 Medium2026-05-01
CVE-2026-40585 blueprintUE self-hosted edition 安全漏洞 — blueprintue-self-hosted-edition 7.4 High2026-04-21
CVE-2026-24467 OpenAEV 安全漏洞 — openaev 9.1 Critical2026-04-20
CVE-2025-36579 Dell Client Platform BIOS 安全漏洞 — Dell Pro 14 Essential PV14250 5.1 Medium2026-04-16
CVE-2026-33707 Chamilo LMS 授权问题漏洞 — chamilo-lms 9.4 Critical2026-04-10
CVE-2026-4136 WordPress plugin Membership Plugin – Restrict Content 授权问题漏洞 — Membership Plugin – Restrict Content 4.3 Medium2026-03-20
CVE-2026-27593 Statamic 授权问题漏洞 — cms 9.3 Critical2026-02-24
CVE-2026-2895 FunAdmin 授权问题漏洞 — funadmin 3.7 Low2026-02-21
CVE-2026-2564 Intelbras VIP 3260 Z IA 授权问题漏洞 — VIP 3260 Z IA 8.1 High2026-02-16
CVE-2020-37158 AVideo 授权问题漏洞 — AVideo Platform 5.3 Medium2026-02-11
CVE-2020-37172 AVideo 授权问题漏洞 — AVideo Platform 5.3 Medium2026-02-11
CVE-2026-25858 mall 授权问题漏洞 — mall 9.1 Critical2026-02-07
CVE-2026-1325 Sangfor Operation and Maintenance Security Management System 授权问题漏洞 — Operation and Maintenance Security Management System 5.3 Medium2026-01-22
CVE-2022-50910 Beehive Forum 授权问题漏洞 — Beehive Forum 9.8 Critical2026-01-13
CVE-2025-15398 Badaso 安全漏洞 — badaso 3.7 Low2025-12-31
CVE-2025-14783 WordPress plugin Easy Digital Downloads 授权问题漏洞 — Easy Digital Downloads – eCommerce Payments and Subscriptions made easy 4.3 Medium2025-12-31
CVE-2023-53958 LDAP Tool Box Self Service Password 授权问题漏洞 — LDAP Tool Box Self Service Password 7.5 High2025-12-19
CVE-2025-14696 Sixun Shanghui Business Management System 授权问题漏洞 — Sixun Shanghui Group Business Management System 5.3 Medium2025-12-15

CWE-640(忘记口令恢复机制弱) 是常见的弱点类别,本平台收录该类弱点关联的 114 条 CVE 漏洞。