53 matches found
CVE-2025-69614
Incorrect Access Control via activation token reuse on the password-reset endpoint allowing unauthorized password resets and full account takeover. Affected Product: Deutsche Telekom AG Telekom Account Management Portal, versions before 2025-10-27, fixed 2025-10-31...
EUVD-2025-208507
Incorrect Access Control via activation token reuse on the password-reset endpoint allowing unauthorized password resets and full account takeover. Affected Product: Deutsche Telekom AG Telekom Account Management Portal, versions before 2025-10-27, fixed 2025-10-31...
EUVD-2025-208506
Incorrect Access Control via activation token reuse on the password-reset endpoint allowing unauthorized password resets and full account takeover. Affected Product: Deutsche Telekom AG Telekom Account Management Portal, versions before 2025-10-27, fixed 2025-10-31...
CVE-2025-69614
Incorrect Access Control via activation token reuse on the password-reset endpoint allowing unauthorized password resets and full account takeover. Affected Product: Deutsche Telekom AG Telekom Account Management Portal, versions before 2025-10-27, fixed 2025-10-31...
CVE-2025-69615
Incorrect Access Control via missing 2FA rate-limiting allowing unlimited brute-force retries and full MFA bypass with no user interaction required. Affected Product: Deutsche Telekom AG Telekom Account Management Portal, versions before 2025-10-24, fixed 2025-11-03...
PT-2026-24257
Name of the Vulnerable Software and Affected Versions Deutsche Telekom AG Telekom Account Management Portal versions prior to 2025-11-03 Description An issue exists with access control due to a lack of rate-limiting for two-factor authentication 2FA, enabling unlimited brute-force attempts and a...
CVE-2025-69615
Incorrect Access Control via missing 2FA rate-limiting allowing unlimited brute-force retries and full MFA bypass with no user interaction required. Affected Product: Deutsche Telekom AG Telekom Account Management Portal, versions before 2025-10-24, fixed 2025-11-03...
CVE-2025-69615
Incorrect Access Control via missing 2FA rate-limiting allowing unlimited brute-force retries and full MFA bypass with no user interaction required. Affected Product: Deutsche Telekom AG Telekom Account Management Portal, versions before 2025-10-24, fixed 2025-11-03...
CVE-2025-69614
Incorrect Access Control via activation token reuse on the password-reset endpoint allowing unauthorized password resets and full account takeover. Affected Product: Deutsche Telekom AG Telekom Account Management Portal, versions before 2025-10-27, fixed 2025-10-31...
CVE-2025-69614
Incorrect Access Control via activation token reuse on the password-reset endpoint allowing unauthorized password resets and full account takeover. Affected Product: Deutsche Telekom AG Telekom Account Management Portal, versions before 2025-10-27, fixed 2025-10-31...
CVE-2025-69614
Incorrect Access Control via activation token reuse on the password-reset endpoint allowing unauthorized password resets and full account takeover. Affected Product: Deutsche Telekom AG Telekom Account Management Portal, versions before 2025-10-27, fixed 2025-10-31...
CVE-2025-69615
Incorrect Access Control via missing 2FA rate-limiting allowing unlimited brute-force retries and full MFA bypass with no user interaction required. Affected Product: Deutsche Telekom AG Telekom Account Management Portal, versions before 2025-10-24, fixed 2025-11-03...
Deutsche Telekom Account Management Portal 安全漏洞
The Deutsche Telekom Account Management Portal is an online portal system used by Deutsche Telekom in Germany for managing user accounts and configuring services. Versions of the Deutsche Telekom Account Management Portal prior to October 2025 contained security vulnerabilities. These...
CVE-2025-69615
The CVE-2025-69615 entry describes an Incorrect Access Control flaw in the Deutsche Telekom AG Telekom Account Management Portal where there is missing 2FA rate-limiting, enabling unlimited brute-force attempts and full MFA bypass with no user interaction. Affected versions are before 2025-10-24,...
PT-2026-24256
Name of the Vulnerable Software and Affected Versions Deutsche Telekom AG Telekom Account Management Portal versions prior to 2025-10-27 Description An incorrect access control issue exists due to activation token reuse on the password-reset endpoint. This allows unauthorized password resets and...
CVE-2025-69614
CVE-2025-69614 affects Deutsche Telekom AG Telekom Account Management Portal (versions prior to 2025-10-27). Root cause: Incorrect Access Control via activation token reuse on the password-reset endpoint, enabling unauthorized password resets and potential full account takeover. Impact is rated C...
Deutsche Telekom Account Management Portal 安全漏洞
The Deutsche Telekom Account Management Portal is an online portal system used by Deutsche Telekom in Germany for managing user accounts and configuring services. Versions of the Deutsche Telekom Account Management Portal prior to version 2025-10-24 contained security vulnerabilities. These...
EUVD-2008-1260
Malware in sbrugna...
EUVD-2007-2641
Malware in sbrugna...
Zero Day in Ubiquitous Apache Log4j Tool Under Active Attack
An excruciating, easily exploited flaw in the ubiquitous Java logging library Apache Log4j could allow unauthenticated remote code execution RCE and complete server takeover — and it’s being exploited in the wild. The flaw first turned up on sites that cater to users of the world’s favorite game,...