Telekom: >> Account Management Portal Security Vulnerabilities
Incorrect Access Control via activation token reuse on the password-reset endpoint allowing unauthorized password resets and full account takeover. Affected Product: Deutsche Telekom AG Telekom Account Management Portal, versions before 2025-10-27, fixed 2025-10-31.
CVSS Score
9.4
EPSS Score
0.0
Published
2026-03-10
Incorrect Access Control via missing 2FA rate-limiting allowing unlimited brute-force retries and full MFA bypass with no user interaction required. Affected Product: Deutsche Telekom AG Telekom Account Management Portal, versions before 2025-10-24, fixed 2025-11-03.
CVSS Score
9.1
EPSS Score
0.0
Published
2026-03-10