Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.4
Deutsche Telekom Portal: Hackers can change passwords and take over accounts
CVE-2025-69614
Summary
A security issue in the Deutsche Telekom Account Management Portal allowed unauthorized users to reset passwords and gain full access to accounts. This means that hackers could potentially take control of users' accounts. To fix this, Deutsche Telekom has updated the portal to prevent this vulnerability.
Original title
Incorrect Access Control via activation token reuse on the password-reset endpoint allowing unauthorized password resets and full account takeover. Affected Product: Deutsche Telekom AG Telekom Acc...
Original description
Incorrect Access Control via activation token reuse on the password-reset endpoint allowing unauthorized password resets and full account takeover. Affected Product: Deutsche Telekom AG Telekom Account Management Portal, versions before 2025-10-27, fixed 2025-10-31.
nvd CVSS3.1
9.4
Vulnerability type
CWE-640
Published: 10 Mar 2026 · Updated: 13 Mar 2026 · First seen: 10 Mar 2026