CWE-640 Weak Password Recovery Mechanism for Forgotten Password: vulnerability list (104)

A summary of the 104 CVE entries associated with the CWE-640 (Weak Password Recovery Mechanism for Forgotten Password) weakness class, with AI-generated analysis in Chinese.

CWE-640 belongs to the authentication-bypass class of weaknesses: the mechanism an application offers for regaining access when a user has forgotten their password is itself insecure. Attackers typically exploit it by guessing simple security questions, intercepting reset links, or brute-forcing temporary tokens, and thereby reset the password and take over the account. Developers should avoid predictable recovery credentials, adopt multi-factor authentication, send one-time dynamic verification codes to a mailbox or phone the user controls, and apply rate limiting to harden the recovery flow.

MITRE CWE official description
CWE-640: Weak Password Recovery Mechanism for Forgotten Password. The product contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak. It is common for an application to have a mechanism that provides a means for a user to gain access to their account in the event they forget their password. Very often the password recovery mechanism is weak, which has the effect of making it more likely that someone other than the legitimate system user would be able to gain access to that user's account. Weak password recovery schemes completely undermine a strong password authentication scheme. This weakness may be that the security question is too easy to guess or find an answer to (e.g. because the question is too common, or the answers can be found using social media). Or there might be an implementation weakness in the password recovery mechanism code that may, for instance, trick the system into e-mailing the new password to an e-mail account other than that of the user. There might be no throttling done on the rate of password resets, so that a legitimate user can be denied service if an attacker tries to recover their password in rapid succession. The system may send the original password to the user rather than generating a new temporary password. In summary, password recovery functionality, if not carefully designed and implemented, can often become the system's weakest link and be misused in a way that allows an attacker to gain unauthorized access to the system.
Common consequences (3)
Scope: Access Control. Impact: Gain Privileges or Assume Identity. An attacker could gain unauthorized access to the system by retrieving a legitimate user's authentication credentials.
Scope: Availability. Impact: DoS: Resource Consumption (Other). An attacker could deny service to legitimate system users by launching a brute-force attack on the password recovery mechanism using the user IDs of legitimate users.
Scope: Integrity, Other. Impact: Other. The system's security functionality is turned against the system by the attacker.
Mitigations (5)
Phase: Architecture and Design. Make sure that all input supplied by the user to the password recovery mechanism is thoroughly filtered and validated.
Phase: Architecture and Design. Do not use standard weak security questions, and use several security questions.
Phase: Architecture and Design. Make sure that there is throttling on the number of incorrect answers to a security question. Disable the password recovery functionality after a certain (small) number of incorrect guesses.
Phase: Architecture and Design. Require that the user properly answers the security question prior to resetting their password and sending the new password to the e-mail address of record.
Phase: Architecture and Design. Never allow the user to control what e-mail address the new password will be sent to in the password recovery mechanism.
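The following is an added example, not code from this page or from MITRE: a hypothetical Python reset flow that implements the mitigations above and the points in the official description. Tokens are unguessable, stored only as hashes, expire, and are single use; the recipient is always the address of record; issuance and wrong guesses are throttled; and the old password is never re-sent.

```python
import hashlib
import hmac
import secrets
import time

TOKEN_TTL_SECONDS = 15 * 60   # reset token lifetime
MAX_WRONG_GUESSES = 3         # disable a pending reset after this many bad tokens
MAX_REQUESTS_PER_HOUR = 3     # throttle token issuance per account


class PasswordRecovery:
    """Hypothetical reset flow: unguessable single-use tokens, address of record only, throttling."""

    def __init__(self, users: dict, clock=time.time):
        self.users = users   # username -> {"email": address of record, "pw_hash": bytes}
        self.clock = clock   # injectable so expiry and throttling can be tested
        self.pending = {}    # username -> {"token_hash", "expires", "wrong"}
        self.issued = {}     # username -> timestamps of recent reset requests

    def request_reset(self, username: str):
        """Return (recipient, token) for the mailer, or None; the caller never picks the recipient."""
        user = self.users.get(username)
        now = self.clock()
        recent = [t for t in self.issued.get(username, []) if now - t < 3600]
        if user is None or len(recent) >= MAX_REQUESTS_PER_HOUR:
            return None   # unknown and throttled accounts look the same to the caller
        self.issued[username] = recent + [now]
        token = secrets.token_urlsafe(32)   # CSPRNG; not derived from user data or time
        self.pending[username] = {"token_hash": hashlib.sha256(token.encode()).hexdigest(),
                                  "expires": now + TOKEN_TTL_SECONDS, "wrong": 0}   # store only the hash
        return user["email"], token   # address of record, never a request-supplied address

    def complete_reset(self, username: str, token: str, new_password: str) -> bool:
        """Consume the token and set a new password; the old one is never revealed or re-sent."""
        entry = self.pending.get(username)
        if entry is None or self.clock() > entry["expires"]:
            self.pending.pop(username, None)
            return False
        presented = hashlib.sha256(token.encode()).hexdigest()
        if not hmac.compare_digest(presented, entry["token_hash"]):   # constant-time compare
            entry["wrong"] += 1
            if entry["wrong"] >= MAX_WRONG_GUESSES:
                self.pending.pop(username, None)   # a few wrong guesses disable this reset
            return False
        self.pending.pop(username, None)   # single use
        salt = secrets.token_bytes(16)     # salted PBKDF2 for the new credential
        self.users[username]["pw_hash"] = salt + hashlib.pbkdf2_hmac(
            "sha256", new_password.encode(), salt, 200_000)
        return True
```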
Code examples (1)
A famous example of this type of weakness being exploited is the eBay attack. eBay always displays the user id of the highest bidder. In the final minutes of the auction, one of the bidders could try to log in as the highest bidder three times. After three incorrect log in attempts, eBay password throttling would kick in and lock out the highest bidder's account for some time. An attacker could th…
CVE ID | Title | Product | CVSS | Risk | Published
CVE-2026-7652 | LatePoint <= 5.5.0 weak password recovery mechanism leading to unauthorized account takeover | LatePoint – Calendar Booking Plugin for Appointments and Events | 5.3 | Medium | 2026-05-09
CVE-2026-29199 | phpBB < 3.3.16 Host header injection leading to account takeover | phpBB | 8.2 (AI) | High (AI) | 2026-05-04
CVE-2026-7554 | D-Link M60 httpd password recovery vulnerability | M60 | 5.6 | Medium | 2026-05-01
CVE-2026-40585 | blueprintUE self-hosted edition security vulnerability | blueprintue-self-hosted-edition | 7.4 | High | 2026-04-21
CVE-2026-24467 | OpenAEV security vulnerability | openaev | 9.1 | Critical | 2026-04-20
CVE-2025-36579 | Dell Client Platform BIOS security vulnerability | Dell Pro 14 Essential PV14250 | 5.1 | Medium | 2026-04-16
CVE-2026-33707 | Chamilo LMS authorization issue vulnerability | chamilo-lms | 9.4 | Critical | 2026-04-10
CVE-2026-4136 | WordPress plugin Membership Plugin – Restrict Content authorization issue vulnerability | Membership Plugin – Restrict Content | 4.3 | Medium | 2026-03-20
CVE-2026-27593 | Statamic authorization issue vulnerability | cms | 9.3 | Critical | 2026-02-24
CVE-2026-2895 | FunAdmin authorization issue vulnerability | funadmin | 3.7 | Low | 2026-02-21
CVE-2026-2564 | Intelbras VIP 3260 Z IA authorization issue vulnerability | VIP 3260 Z IA | 8.1 | High | 2026-02-16
CVE-2020-37158 | AVideo authorization issue vulnerability | AVideo Platform | 5.3 | Medium | 2026-02-11
CVE-2020-37172 | AVideo authorization issue vulnerability | AVideo Platform | 5.3 | Medium | 2026-02-11
CVE-2026-25858 | mall authorization issue vulnerability | mall | 9.1 | Critical | 2026-02-07
CVE-2026-1325 | Sangfor Operation and Maintenance Security Management System authorization issue vulnerability | Operation and Maintenance Security Management System | 5.3 | Medium | 2026-01-22
CVE-2022-50910 | Beehive Forum authorization issue vulnerability | Beehive Forum | 9.8 | Critical | 2026-01-13
CVE-2025-15398 | Badaso security vulnerability | badaso | 3.7 | Low | 2025-12-31
CVE-2025-14783 | WordPress plugin Easy Digital Downloads authorization issue vulnerability | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy | 4.3 | Medium | 2025-12-31
CVE-2023-53958 | LDAP Tool Box Self Service Password authorization issue vulnerability | LDAP Tool Box Self Service Password | 7.5 | High | 2025-12-19
CVE-2025-14696 | Sixun Shanghui Business Management System authorization issue vulnerability | Sixun Shanghui Group Business Management System | 5.3 | Medium | 2025-12-15
CVE-2025-64113 | Emby Server authorization issue vulnerability | security | 8.1 (AI) | High (AI) | 2025-12-09
CVE-2025-53704 | MAXHUB Pivot client application authorization issue vulnerability | Pivot client application | 7.5 | High | 2025-12-04
CVE-2025-13565 | SourceCodester Inventory Management System authorization issue vulnerability | Inventory Management System | 5.3 | Medium | 2025-11-23
CVE-2025-62709 | ClipBucket authorization issue vulnerability | clipbucket-v5 | 6.8 | Medium | 2025-11-20
CVE-2025-62406 | Piwigo authorization issue vulnerability | Piwigo | 8.1 | High | 2025-11-18
CVE-2025-12866 | Hundred Plus EIP Plus authorization issue vulnerability | EIP Plus | 9.8 | Critical | 2025-11-10
CVE-2025-61977 | AutomationDirect Productivity Suite authorization issue vulnerability | Productivity Suite | 7.0 | High | 2025-10-23
CVE-2025-41251 | VMware Cloud Foundation security vulnerability | NSX | 8.1 | High | 2025-09-29
CVE-2025-10322 | Wavlink WL-WN578W2 authorization issue vulnerability | WL-WN578W2 | 5.3 | Medium | 2025-09-12
CVE-2025-10127 | Daikin Security Gateway authorization issue vulnerability | Security Gateway | 9.8 | Critical | 2025-09-11

CWE-640 (Weak Password Recovery Mechanism for Forgotten Password) is a common weakness class; this platform indexes 104 CVE entries associated with it.