Password Reset Vulnerability (Poisoning) | Acunetix
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Email Account - T1087.003 Multi-Factor Authentication - T1556.006 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Vulnerabilities - T1588.006 Connection Proxy - T1090
Show in Graph
Common Information
Type Value
UUID e1c2f3df-5499-4d64-8417-86baaf334242
Fingerprint a516969956673a45
Analysis status DONE
Considered CTI value 0
Text language
Published Oct. 21, 2019, 7 a.m.
Added to db Jan. 18, 2023, 10:46 p.m.
Last updated Nov. 17, 2024, 5:56 p.m.
Headline Password Reset Vulnerability (Poisoning)
Title Password Reset Vulnerability (Poisoning) | Acunetix
Detected Hints/Tags/Attributes 33/2/10
Source URLs
Redirection Url
Details Source https://www.acunetix.com/blog/articles/password-reset-poisoning/
URL Provider
Details Provider Source level domain
Details acunetix.com www.acunetix.com
Attributes
Details Type #Events CTI Value
Details Domain 831 
example.com
Details Domain 11 
bar.com
Details Domain 3 
evilhost.com
Details Email 2 
example.com/reset.php?email=foo@bar.com
Details File 6 
reset.php
Details File 3 
reset-password.php
Details File 68 
config.ini
Details Url 2 
https://example.com/reset.php?email=foo@bar.com
Details Url 2 
https://example.com/reset.php
Details Url 2 
https://evilhost.com/reset-password.php?token=12345678