| Field | Value |
|---|---|
| Title | Sangfor Operation and Maintenance Security Management System (OSM / 运维安全管理系统) 3.0.12 Unauthenticated Arbitrary Password Reset |
| Description | A critical unauthenticated arbitrary password reset vulnerability exists in the Sangfor Operation and Maintenance Security Management System (OSM). The vulnerability is located in the endpoint /fort/login/edit_pwd_mall. The application provides a specific interface intended for third-party integration (e.g., internal malls). The backend logic fails to verify the current session or the original password when a specific flag parameter (isflag=true) is present. This allows an unauthenticated attacker to reset the password of any user, including the built-in administrator account, by simply knowing their username. |
| Source | https://github.com/LX-LX88/cve/issues/21 |
| User | LINXI666 (UID 91556) |
| Submission | 01/11/2026 06:31 AM (3 months ago) |
| Moderation | 01/22/2026 08:40 AM (11 days later) |
| Status | Accepted |
| VulDB entry | 342301 [Sangfor Operation and Maintenance Security Management System edit_pwd_mall password recovery] |
| Points | 20 |