CVE-2026-35675: Improper Restriction of Excessive Authentication Attempts in thorsten phpMyFAQ
phpMyFAQ before 4.1.3 contains an authentication bypass vulnerability in the password reset endpoint that allows unauthenticated attackers to reset any user account password without token verification or email confirmation. Attackers can enumerate valid usernames, obtain plaintext passwords via email, and achieve complete account takeover including administrative access.
AI Analysis
Technical Summary
CVE-2026-35675 describes an authentication bypass vulnerability in phpMyFAQ before version 4.1.3. The vulnerability exists in the password reset functionality, where the system fails to properly restrict excessive authentication attempts and does not require token verification or email confirmation to reset passwords. This enables unauthenticated attackers to reset passwords of arbitrary user accounts, enumerate valid usernames, and obtain plaintext passwords sent by email. The vulnerability has a CVSS 3.1 base score of 8.2, indicating high severity with network attack vector, low attack complexity, no privileges or user interaction required, and impacts confidentiality and integrity.
Potential Impact
Successful exploitation allows attackers to reset any user’s password without authentication, enumerate valid usernames, and receive plaintext passwords via email. This leads to complete account takeover, including administrative accounts, compromising confidentiality and integrity of the system. There is no indication of availability impact. No known exploits in the wild have been reported yet.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no official fix or patch link is provided, users should monitor the vendor's announcements for updates. Until a patch is available, restrict access to the password reset endpoint if possible and consider additional monitoring or temporary mitigations to prevent abuse of the password reset functionality.
CVE-2026-35675: Improper Restriction of Excessive Authentication Attempts in thorsten phpMyFAQ
Description
phpMyFAQ before 4.1.3 contains an authentication bypass vulnerability in the password reset endpoint that allows unauthenticated attackers to reset any user account password without token verification or email confirmation. Attackers can enumerate valid usernames, obtain plaintext passwords via email, and achieve complete account takeover including administrative access.
CVSS v3.1
Score 8.2high
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-35675 describes an authentication bypass vulnerability in phpMyFAQ before version 4.1.3. The vulnerability exists in the password reset functionality, where the system fails to properly restrict excessive authentication attempts and does not require token verification or email confirmation to reset passwords. This enables unauthenticated attackers to reset passwords of arbitrary user accounts, enumerate valid usernames, and obtain plaintext passwords sent by email. The vulnerability has a CVSS 3.1 base score of 8.2, indicating high severity with network attack vector, low attack complexity, no privileges or user interaction required, and impacts confidentiality and integrity.
Potential Impact
Successful exploitation allows attackers to reset any user’s password without authentication, enumerate valid usernames, and receive plaintext passwords via email. This leads to complete account takeover, including administrative accounts, compromising confidentiality and integrity of the system. There is no indication of availability impact. No known exploits in the wild have been reported yet.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no official fix or patch link is provided, users should monitor the vendor's announcements for updates. Until a patch is available, restrict access to the password reset endpoint if possible and consider additional monitoring or temporary mitigations to prevent abuse of the password reset functionality.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- VulnCheck
- Date Reserved
- 2026-04-04T12:32:50.477Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a186052e29bf47b500b4205
Added to database: 5/28/2026, 3:33:38 PM
Last enriched: 5/28/2026, 3:49:26 PM
Last updated: 5/29/2026, 8:21:40 AM
Views: 8
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.