CVE-2026-25858
Authentication Bypass in macrozheng mall Password Reset Enables Account Takeover

Publication date: 2026-02-07

Last updated on: 2026-04-07

Assigner: VulnCheck

Description
macrozheng mall version 1.0.3 and prior contains an authentication vulnerability in the mall-portal password reset workflow that allows an unauthenticated attacker to reset arbitrary user account passwords using only a victim’s telephone number. The password reset flow exposes the one-time password (OTP) directly in the API response and validates password reset requests solely by comparing the provided OTP to a value stored by telephone number, without verifying user identity or ownership of the telephone number. This enables remote account takeover of any user with a known or guessable telephone number.
Meta Information
Published: 2026-02-07
Last Modified: 2026-04-07
Generated: 2026-05-07
AI Q&A: 2026-02-08
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 1 associated CPE
Vendor: macrozheng | Product: mall | Version / Range: up to and including 1.0.3
CWE
CWE-640: The product contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in macrozheng mall version 1.0.3 and earlier. It is an authentication flaw in the password reset workflow of the mall-portal. An unauthenticated attacker can reset any user's password by using only the victim's telephone number.

The issue arises because the password reset process exposes the one-time password (OTP) directly in the API response and validates the reset request solely by comparing the provided OTP to a stored value linked to the telephone number. There is no verification of the user's identity or ownership of the telephone number.

As a result, an attacker who knows or can guess a victim's telephone number can remotely take over that user's account by resetting their password.
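As an added illustration, not code from macrozheng mall or from this record, the following Python model contrasts the two defects named in the description and in the explanation above (an OTP echoed in the API response, and a reset validated only by looking up the code stored for a phone number) with a hardened flow that delivers the code out of band, stores it hashed with an expiry and attempt cap, compares it in constant time and makes it single use. The `users` dictionary, `send_sms` callback and `clock` parameter are assumed stand-ins for the real account store, SMS gateway and system clock.

```python
import hashlib
import hmac
import secrets
import time

OTP_TTL = 300        # seconds a code stays valid
MAX_ATTEMPTS = 5     # wrong guesses allowed before the code is discarded


class WeakReset:
    """Models the flaw in the advisory: OTP stored by phone and echoed in the response."""
    def __init__(self, users):
        self.users, self.codes = users, {}  # users: assumed phone -> password store

    def request_code(self, phone):
        self.codes[phone] = f"{secrets.randbelow(10**6):06d}"
        return {"code": 200, "data": self.codes[phone]}  # leaks the OTP to the caller

    def reset_password(self, phone, code, new_password):
        if self.codes.get(phone) != code:  # the only check: OTP matches the phone's entry
            return False
        self.users[phone] = new_password
        return True


class HardenedReset:
    """OTP delivered out of band only, stored hashed with an expiry and attempt cap."""
    def __init__(self, users, send_sms, clock=time.time):
        self.users, self.send_sms, self.clock, self.codes = users, send_sms, clock, {}

    def request_code(self, phone):
        if phone in self.users:  # identical reply either way: no account enumeration
            code = f"{secrets.randbelow(10**6):06d}"
            digest = hashlib.sha256(code.encode()).hexdigest()
            self.codes[phone] = [digest, self.clock() + OTP_TTL, 0]
            self.send_sms(phone, code)  # assumed transport; only the owner sees the code
        return {"code": 200, "data": None}

    def reset_password(self, phone, code, new_password):
        entry = self.codes.get(phone)
        if entry is None or self.clock() > entry[1] or entry[2] >= MAX_ATTEMPTS:
            self.codes.pop(phone, None)  # missing, expired or brute-forced: discard
            return False
        entry[2] += 1
        if not hmac.compare_digest(entry[0], hashlib.sha256(code.encode()).hexdigest()):
            return False
        del self.codes[phone]  # single use
        self.users[phone] = new_password
        return True
```

The hardened class still trusts possession of the phone only as far as the SMS channel does; a production flow would add rate limiting per phone and per source address and log every failed verification.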


How can this vulnerability impact me?

This vulnerability can lead to remote account takeover by attackers without any authentication.

  • Attackers can reset passwords of any user if they know or guess the user's telephone number.
  • Compromised accounts may lead to unauthorized access to personal or sensitive information.
  • It can result in loss of user trust and potential financial or reputational damage.

How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

I don't know


What immediate steps should I take to mitigate this vulnerability?

I don't know

