Primary

Context

MAXHUB Pivot Weak Password Reset Vulnerability Allowing Account Takeover

Vulnerability

A vulnerability exists in the password reset mechanism of the MAXHUB Pivot client application, all versions prior to v1.36.2. This weakness may enable an attacker to take over a user's account by exploiting the flawed password recovery process.

Impact

Exploitation of this vulnerability could lead to unauthorized access to user accounts by allowing attackers to reset passwords and gain control over the accounts.

Remediation

Users are advised to upgrade the MAXHUB Pivot client application to version 1.36.2 or newer. For more information, visit the MAXHUB support page.

Added: Dec 4, 2025, 10:21 PM

Updated: Dec 4, 2025, 10:21 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

6.4

remediation

7.7

relevance

1.3

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

6.4

remediation

7.7

relevance

1.3

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

MAXHUB Pivot Weak Password Reset Vulnerability Allowing Account Takeover

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating