PT-2026-22059 · Sub2Api

Wei-Shaw · Published 2026-02-26 · Updated 2026-03-05 · CVE-2026-27812

CVSS v3.1: 9.1 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions: Sub2API versions prior to 0.1.85

Description: Sub2API is an AI API gateway platform for managing API quotas. A Password Reset Poisoning issue exists due to trust in the Host and Forwarded headers, allowing manipulation of the password reset link. Attackers can inject a domain into the password reset link, potentially leading to account takeover via the affected endpoint.

Recommendations: Upgrade to version 0.1.85 or later. Disable the "forgot password" feature until an upgrade to a patched version can be performed.
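To make the weakness and its fix concrete, the following Go program is an added example written for this page; it is not Sub2API's own code and does not reproduce the project's handlers. It contrasts a reset-link builder that derives the link origin from request headers (the pattern the advisory describes) with one that takes the origin only from operator configuration. The header names `Host` and `X-Forwarded-Host`, the constant `configuredBaseURL`, the path `/reset-password` and the sample request are all assumptions chosen for illustration.

```go
package main

import (
	"fmt"
	"net/http"
	"net/url"
)

// Constructed example configuration: the canonical public origin of the
// service, set by the operator, never derived from an incoming request.
const configuredBaseURL = "https://gateway.example.com"

// vulnerableResetLink mirrors the flawed pattern: the origin of the link is
// taken from Host and a forwarded header, both of which the client can set.
// Any e-mail built from this URL points wherever the request says it should.
func vulnerableResetLink(r *http.Request, token string) string {
	host := r.Host
	if fwd := r.Header.Get("X-Forwarded-Host"); fwd != "" {
		host = fwd
	}
	scheme := "http"
	if r.TLS != nil || r.Header.Get("X-Forwarded-Proto") == "https" {
		scheme = "https"
	}
	return fmt.Sprintf("%s://%s/reset-password?token=%s", scheme, host, url.QueryEscape(token))
}

// safeResetLink builds the link from configuration only. The request is not
// consulted at all, so header manipulation cannot influence the result.
func safeResetLink(token string) (string, error) {
	base, err := url.Parse(configuredBaseURL)
	if err != nil {
		return "", err
	}
	if base.Scheme != "https" || base.Host == "" {
		return "", fmt.Errorf("configured base URL must be an absolute https origin: %q", configuredBaseURL)
	}
	base.Path = "/reset-password"
	q := url.Values{}
	q.Set("token", token)
	base.RawQuery = q.Encode()
	return base.String(), nil
}

// hostMatchesConfig is a defence-in-depth check for deployments that still
// want to read Host: reject (and log) any request whose Host header is not
// the configured origin, instead of echoing it into outbound content.
func hostMatchesConfig(r *http.Request) bool {
	base, err := url.Parse(configuredBaseURL)
	if err != nil {
		return false
	}
	return r.Host == base.Host
}

func main() {
	// Constructed sample request: Host is correct, but a forwarded header
	// names a foreign domain, which is enough to poison the vulnerable builder.
	req, _ := http.NewRequest("POST", "/forgot-password", nil)
	req.Host = "gateway.example.com"
	req.Header.Set("X-Forwarded-Host", "attacker.invalid")

	fmt.Println("vulnerable:", vulnerableResetLink(req, "sample-token"))
	link, err := safeResetLink("sample-token")
	if err != nil {
		panic(err)
	}
	fmt.Println("hardened:  ", link)
	fmt.Println("host matches config:", hostMatchesConfig(req))
}
```

The hardened builder is the fix to prefer: a single configured origin removes the whole class of header-derived link poisoning. The `hostMatchesConfig` check is useful as a detection signal (mismatched Host on password-reset requests is worth alerting on) but on its own does not cover forwarded headers, which is why the example never reads them.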

Exploit

Fix

Weakness Enumeration

Improper Encoding or Escaping of Output

Related identifiers

CVE-2026-27812
GHSA-VC2Q-289V-74G3

Affected products

Sub2Api