Vulnerabilities > CVE-2025-22144 - Weak Password Recovery Mechanism for Forgotten Password vulnerability in Namelessmc Nameless

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

namelessmc

CWE-640

critical

NVD

Published: 2025-01-13

Updated: 2025-05-13

Summary

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. A user with admincp.core.emails or admincp.users.edit permissions can validate users and an attacker can reset their password. When the account is successfully approved by email the reset code is NULL, but when the account is manually validated by a user with admincp.core.emails or admincp.users.edit permissions then the reset_code will no longer be NULL but empty. An attacker can request http://localhost/nameless/index.php?route=/forgot_password/&c= and reset the password. As a result an attacker may compromise another users password and take over their account. This issue has been addressed in release version 2.1.3 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Namelessmc Namelessmc Nameless 1.0.0 Namelessmc Nameless 1.0.1 Namelessmc Nameless 1.0.2 Namelessmc Nameless 1.0.3 Namelessmc Nameless 1.0.4 Namelessmc Nameless 1.0.5 Namelessmc Nameless 1.0.6 Namelessmc Nameless 1.0.7 Namelessmc Nameless 1.0.8 Namelessmc Nameless 1.0.9 Namelessmc Nameless 1.0.10 Namelessmc Nameless 1.0.11 Namelessmc Nameless 1.0.12 Namelessmc Nameless 1.0.13 Namelessmc Nameless 1.0.14 Namelessmc Nameless 1.0.15 Namelessmc Nameless 1.0.16 Namelessmc Nameless 1.0.17 Namelessmc Nameless 1.0.18 Namelessmc Nameless 1.0.19 Namelessmc Nameless 1.0.20 Namelessmc Nameless 1.0.21 Namelessmc Nameless 1.0.22 Namelessmc Nameless 2.0.0 Namelessmc Nameless 2.0.1 Namelessmc Nameless 2.0.2 Namelessmc Nameless 2.0.3	40

Common Weakness Enumeration (CWE)

CWE-640 - Weak Password Recovery Mechanism for Forgotten Password

Common Attack Pattern Enumeration and Classification (CAPEC)

Password Recovery Exploitation
An attacker may take advantage of the application feature to help users recover their forgotten passwords in order to gain access into the system with the same privileges as the original user. Generally password recovery schemes tend to be weak and insecure. Most of them use only one security question . For instance, mother's maiden name tends to be a fairly popular one. Unfortunately in many cases this information is not very hard to find, especially if the attacker knows the legitimate user. These generic security questions are also re-used across many applications, thus making them even more insecure. An attacker could for instance overhear a coworker talking to a bank representative at the work place and supplying their mother's maiden name for verification purposes. An attacker can then try to log in into one of the victim's accounts, click on "forgot password" and there is a good chance that the security question there will be to provide mother's maiden name. A weak password recovery scheme totally undermines the effectiveness of a strong password scheme.

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

References