PT-2025-22650 · Megabip
Author: Kamil Szczurowski (+1)
Published: 2025-05-23 · Updated: 2025-05-23
CVE-2025-3895
CVSS v4.0: 9.1 (Critical)
Vector: AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions
MegaBIP versions prior to 5.20
Description
The issue arises from the way MegaBIP generates password reset tokens: each token is drawn from a small space of random values and combined with a value that can be queried. The resulting token space is small enough that an unauthenticated attacker who knows user login names can brute force the tokens and change account passwords, including those of administrators.
Recommendations
For versions prior to 5.20, update to version 5.20, which fixes this issue. As a temporary workaround until the update is applied, consider restricting access to the password reset functionality, and avoid relying on the password reset feature while its tokens are derived from queryable values.
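The description and recommendations above come down to two properties a reset token needs: enough unpredictable entropy that exhaustive guessing is infeasible, and a verification path that does not leak or hand out extra attempts. The following is an added example written for this advisory, not MegaBIP's own code or its 5.20 fix; the constants (32 bytes of entropy, a 15-minute lifetime, a 5-failure lockout) and the `ResetTokenStore` class are assumptions chosen to illustrate the hardened design. `search_space_bits` quantifies the first property: a 6-digit numeric token is under 20 bits, while 32 CSPRNG bytes give 256 bits, so a guess-per-request attacker cannot enumerate it.

```python
import hashlib
import hmac
import math
import secrets
import time

# Illustrative constants (assumptions for this example, not MegaBIP's values)
TOKEN_BYTES = 32             # 256 bits of CSPRNG entropy per token
TOKEN_TTL_SECONDS = 15 * 60  # tokens expire after 15 minutes
MAX_VERIFY_FAILURES = 5      # per-login lockout on the reset endpoint


def search_space_bits(alphabet_size: int, length: int) -> float:
    """Entropy (bits) of a token drawn uniformly from alphabet_size**length values.

    Use this to compare a weak scheme (e.g. 6 decimal digits, ~19.9 bits)
    against a CSPRNG token (256 random bytes' worth of bits is 256.0).
    """
    return length * math.log2(alphabet_size)


class ResetTokenStore:
    """Server-side record of outstanding reset tokens, keyed by login.

    Only a SHA-256 digest of each token is stored, so reading the store
    (the 'queryable value' problem from the advisory) does not reveal a
    usable token. Tokens are single-use, time-limited, and verification
    is rate-limited per login and compared in constant time.
    """

    def __init__(self, now=time.time):
        self._now = now          # injectable clock, so expiry can be tested offline
        self._records = {}       # login -> (token_digest, expires_at)
        self._failures = {}      # login -> failed redemption count

    def issue(self, login: str) -> str:
        # secrets.token_urlsafe draws from the OS CSPRNG; never use random.* here
        token = secrets.token_urlsafe(TOKEN_BYTES)
        digest = hashlib.sha256(token.encode()).hexdigest()
        self._records[login] = (digest, self._now() + TOKEN_TTL_SECONDS)
        self._failures[login] = 0
        # The clear-text token goes to the user out of band (e-mail) and is
        # never persisted; only its digest lives in the store.
        return token

    def _fail(self, login: str) -> bool:
        self._failures[login] = self._failures.get(login, 0) + 1
        return False

    def redeem(self, login: str, presented: str) -> bool:
        """Return True once for a valid, unexpired token; False otherwise."""
        if self._failures.get(login, 0) >= MAX_VERIFY_FAILURES:
            return False                      # locked out: no further guesses accepted
        record = self._records.get(login)
        if record is None:
            return self._fail(login)
        digest, expires_at = record
        if self._now() > expires_at:
            del self._records[login]
            return self._fail(login)
        presented_digest = hashlib.sha256(presented.encode()).hexdigest()
        # Constant-time comparison: no timing side channel on the digest bytes
        if not hmac.compare_digest(digest, presented_digest):
            return self._fail(login)
        del self._records[login]              # single use
        return True


if __name__ == "__main__":
    print("6-digit numeric token: %.1f bits" % search_space_bits(10, 6))
    print("32 CSPRNG bytes:       %.1f bits" % search_space_bits(256, TOKEN_BYTES))
    store = ResetTokenStore()
    t = store.issue("editor")
    print("wrong token accepted:", store.redeem("editor", "not-the-token"))
    print("real token accepted: ", store.redeem("editor", t))
    print("replay accepted:     ", store.redeem("editor", t))
```

The lockout counter is the programmatic form of the advisory's "restrict access to password reset functionality" workaround: even if a token scheme is weak, capping verification attempts per login removes the brute-force path, while the digest-only storage removes the dependence on a queryable value.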
Affected Products
Megabip