exploitDog

GHSA-6gj4-63c6-7cg5

Опубликовано: 12 мая 2025

Источник: github

Github: Не прошло ревью

CVSS4: 9.3

CVSS3: 9.8

Описание

The GPM from WormHole Tech has an Unverified Password Change vulnerability, allowing unauthenticated remote attackers to change any user's password and use the modified password to log into the system.

The GPM from WormHole Tech has an Unverified Password Change vulnerability, allowing unauthenticated remote attackers to change any user's password and use the modified password to log into the system.

Ссылки

EPSS

Процентиль: 45%

0.00228

Низкий

9.3 Critical

CVSS4

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-620

Связанные уязвимости

CVE-2025-4558

CVSS3: 9.8

nvd

9 месяцев назад

The GPM from WormHole Tech has an Unverified Password Change vulnerability, allowing unauthenticated remote attackers to change any user's password and use the modified password to log into the system.

EPSS

Процентиль: 45%

0.00228

Низкий

9.3 Critical

CVSS4

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-620