CVE-2025-9521

Password Confirmation Bypass vulnerability in Omada Controllers, allowing an attacker with a valid session token to bypass secondary verification, and change the user’s password without proper confirmation, leading to weakened account security...

CVE-2025-9521

Password Confirmation Bypass vulnerability in Omada Controllers, allowing an attacker with a valid session token to bypass secondary verification, and change the user’s password without proper confirmation, leading to weakened account security...

CVE-2025-9521

CVE-2025-9521 concerns a Password Confirmation Bypass in Omada Controllers. The trusted-source documents indicate that an attacker with a valid session token can bypass secondary verification and change a user’s password without proper confirmation, weakening account security. Affected product is...

CVE-2025-9521

Password Confirmation Bypass vulnerability in Omada Controllers, allowing an attacker with a valid session token to bypass secondary verification, and change the user’s password without proper confirmation, leading to weakened account security...

EUVD-2025-206348

Password Confirmation Bypass vulnerability in Omada Controllers, allowing an attacker with a valid session token to bypass secondary verification, and change the user’s password without proper confirmation, leading to weakened account security...

CVE-2025-9521 Password Confirmation Bypass in Omada Controller

Password Confirmation Bypass vulnerability in Omada Controllers, allowing an attacker with a valid session token to bypass secondary verification, and change the user’s password without proper confirmation, leading to weakened account security...

CVE-2022-29534

An issue was discovered in MISP before 2.4.158. In UsersController.php, password confirmation can be bypassed via vectors involving an "Accept: application/json" header...

CVE-2022-30755

Improper authentication vulnerability in AppLock prior to SMR Jul-2022 Release 1 allows attacker to bypass password confirm activity by hijacking the implicit intent...

PT-2022-19684 · Misp · Misp

Name of the Vulnerable Software and Affected Versions: MISP versions prior to 2.4.158 Description: An issue was discovered in the UsersController.php file, where password confirmation can be bypassed via vectors involving an "Accept: application/json" header. Recommendations: For versions prior t...