Vulnerability Description
macrozheng mall version 1.0.3 and prior contains an authentication vulnerability in the mall-portal password reset workflow that allows an unauthenticated attacker to reset arbitrary user account passwords using only a victim’s telephone number. The password reset flow exposes the one-time password (OTP) directly in the API response and validates password reset requests solely by comparing the provided OTP to a value stored by telephone number, without verifying user identity or ownership of the telephone number. This enables remote account takeover of any user with a known or guessable telephone number.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Macrozheng | Mall | <= 1.0.3 |
Related Weaknesses (CWE)
References
- https://github.com/macrozheng/mall/issues/946Not Applicable
- https://www.macrozheng.com/Permissions Required
- https://www.vulncheck.com/advisories/macrozheng-mall-unauthenticated-password-reThird Party AdvisoryVDB Entry
FAQ
What is CVE-2026-25858?
CVE-2026-25858 is a vulnerability with a CVSS score of 9.1 (CRITICAL). macrozheng mall version 1.0.3 and prior contains an authentication vulnerability in the mall-portal password reset workflow that allows an unauthenticated attacker to reset arbitrary user account pass...
How severe is CVE-2026-25858?
CVE-2026-25858 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2026-25858?
Check the references section above for vendor advisories and patch information. Affected products include: Macrozheng Mall.