CVE-2020-37158 in AVideoinfo

Zusammenfassung

von MITRE • 11.02.2026

AVideo Platform 8.1 contains a cross-site request forgery vulnerability that allows attackers to reset user passwords by exploiting the password recovery mechanism. Attackers can craft malicious requests to the recoverPass endpoint using the user's recovery token to change account credentials without authentication.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

VulnCheck

Reservieren

10.02.2026

Veröffentlichung

11.02.2026

Moderieren

akzeptiert

Eintrag

VDB-345648

CPE

bereit

CWE

CWE-352 (bestätigt)

Exploit

Download

CVSS

9.8 (NVD)

EPSS

0.00107

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2020-37158
NVD	https://nvd.nist.gov/vuln/detail/CVE-2020-37158
CVE Details	https://www.cvedetails.com/cve/CVE-2020-37158/

◂ Zurück Übersicht Weiter ▸

Want to know what is going to be exploited?

We predict KEV entries!