CVE-2026-15479
Received Received - Intake

Weak Password Recovery in H3C NX15

Vulnerability report for CVE-2026-15479, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-12

Last updated on: 2026-07-12

Assigner: VulDB

Description

A vulnerability was found in H3C NX15 V100R017. Affected by this vulnerability is the function change_passwd of the file /api/login/modify of the component Administrator Password Modification Endpoint. The manipulation of the argument newPass results in weak password recovery. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-12
Last Modified
2026-07-12
Generated
2026-07-12
AI Q&A
2026-07-12
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
h3c nx15 v100r017

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-640 The product contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in the H3C NX15 V100R017 device, specifically in the Administrator Password Modification Endpoint's function change_passwd located in the /api/login/modify file. The issue arises from improper handling of the argument newPass, which leads to weak password recovery mechanisms.

An attacker can exploit this vulnerability remotely without any authentication, allowing them to change the administrator password and potentially take over the admin account.

Impact Analysis

Exploitation of this vulnerability allows an attacker to remotely change the administrator password without authentication, effectively gaining full control over the affected device.

This can lead to unauthorized access, data compromise, disruption of services, and potential further attacks within the network where the device is deployed.

Detection Guidance

This vulnerability involves the Administrator Password Modification Endpoint in H3C NX15 V100R017, specifically the /api/login/modify function. Detection can be approached by monitoring for unauthorized or suspicious requests to this endpoint, especially those attempting to manipulate the newPass argument without proper authentication.

A practical method to detect exploitation attempts is to analyze network traffic or logs for HTTP requests targeting /api/login/modify with unusual or repeated password change attempts.

Additionally, the public exploit script named "preauth_login_modify_takeover.py" available in the referenced GitHub repository can be used in a controlled environment to test if your system is vulnerable.

  • Use network monitoring tools (e.g., Wireshark, tcpdump) to filter HTTP POST requests to /api/login/modify.
  • Check web server or device logs for entries involving password change attempts without authentication.
  • Run the provided proof-of-concept exploit script in a test environment to verify vulnerability presence.
Mitigation Strategies

Immediate mitigation steps include restricting access to the vulnerable endpoint /api/login/modify to trusted networks or IP addresses only.

Implement network-level controls such as firewalls or access control lists (ACLs) to block unauthorized remote access attempts to the device.

Monitor logs and network traffic for suspicious activity targeting the password modification endpoint.

If possible, apply any vendor-provided patches or updates addressing this vulnerability once available.

Change administrator passwords regularly and ensure strong password policies are enforced.

Compliance Impact

The vulnerability allows remote attackers to manipulate the password change function without authentication, leading to weak password recovery and potential unauthorized administrative access.

Such unauthorized access and weak password controls can lead to compromised confidentiality, integrity, and availability of systems, which may result in non-compliance with common standards and regulations like GDPR and HIPAA that require strong access controls and protection of sensitive data.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-15479. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart