CVE-2020-37158 in AVideoinformação

Sumário

de MITRE • 11/02/2026

AVideo Platform 8.1 contains a cross-site request forgery vulnerability that allows attackers to reset user passwords by exploiting the password recovery mechanism. Attackers can craft malicious requests to the recoverPass endpoint using the user's recovery token to change account credentials without authentication.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsável

VulnCheck

Reservar

10/02/2026

Divulgação

11/02/2026

Moderação

aceite

Entrada

VDB-345648

CPE

pronto

CWE

CWE-352 (confirmado)

Exploração

Descarregar

CVSS

9.8 (NVD)

EPSS

0.00107

KEV

não

Atividades

muito baixo

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2020-37158
NVD	https://nvd.nist.gov/vuln/detail/CVE-2020-37158
CVE Details	https://www.cvedetails.com/cve/CVE-2020-37158/

◂ Voltar Visão Geral Próximo ▸

Interested in the pricing of exploits?

See the underground prices here!