VYPR
Unrated severityNVD Advisory· Published Feb 20, 2026· Updated Feb 23, 2026

CVE-2025-70833

CVE-2025-70833

Description

An Authentication Bypass vulnerability in Smanga 3.2.7 allows an unauthenticated attacker to reset the password of any user (including the administrator) and fully takeover the account by manipulating POST parameters. The issue stems from insecure permission validation in check-power.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Smanga/Smangacpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: = 3.2.7

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.