CNNVD-202509-4457 Information

Sep 30, 2025 cve

CNNVD ID

CNNVD-202509-4457

CVE-2025-56676

CNNVD Published: 2025-09-30

Description (Chinese)

TitanSystems Zender是菲律宾TitanSystems公司的一款消息网关软件。 TitanSystems Zender 3.9.7版本存在安全漏洞，该漏洞源于密码重置功能中令牌与用户关联验证不当，可能导致账户接管和权限提升。

Description (English)

TitanSystems Zender is a news gateway software for TitanSystems in the Philippines. There is a security loophole in version 3.9.7 of TitanSystems Zender, which stems from the inappropriate authentication of the connection between the token and the user in the password reset function, which may lead to the taking over of the account and the enhancement of privileges.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

TitanSystems

Published

2025-09-30

Last Modified

2026-02-24

References

https://codecanyon.net/item/zender-android-mobile-devices-as-sms-gateway-saas-platform/26594230 https://darklotus.medium.com/cve-2025-56676-critical-vulnerability-in-zender-gateway-allows-account-takeover-2b5bcb50c762 https://previews.titansystems.ph/zender/dashboard/auth

Patch

https://codecanyon.net/item/zender-android-mobile-devices-as-sms-gateway-saas-platform/26594230

Share on: