CVE-2025-1928
Restajet · Restajet Information Technologies Inc. Online Food Delivery System
A critical vulnerability has been identified in the Restajet Information Technologies Online Food Delivery System.
Executive summary
A critical vulnerability has been identified in the Restajet Information Technologies Online Food Delivery System. This flaw allows an attacker to make unlimited attempts to reset a user's password, which could lead to unauthorized account takeovers, exposing sensitive user data and enabling fraudulent activity.
Vulnerability
The password recovery mechanism of the affected system enforces neither rate-limiting nor an account-lockout policy on recovery attempts. This allows an attacker to brute-force the process by repeatedly submitting password recovery requests or guessing recovery tokens/codes. Because no attempt is ever blocked, automated tooling can cycle through the token or code space until it hits the correct value, at which point the attacker resets a legitimate user's password and gains full control of the account.
Business impact
This vulnerability is rated as critical severity with a CVSS score of 9.1. Successful exploitation could lead to widespread account takeovers of both customers and potentially administrators. The business impact includes the compromise of personally identifiable information (PII), theft of stored financial data, fraudulent transactions, and significant reputational damage. This could result in direct financial loss, loss of customer trust, and potential legal and regulatory penalties for failing to protect user data.
Remediation
Immediate Action: Apply the security patches or update the Restajet Information Technologies Online Food Delivery System to the latest version as recommended by the vendor. After patching, it is crucial to monitor system logs for any signs of exploitation attempts that may have occurred prior to the update.
Proactive Monitoring: Security teams should actively monitor application and web server logs for an unusually high volume of failed password reset attempts originating from a single IP address or targeting a single user account. Monitor for successful password resets followed immediately by logins from unusual geographic locations or IP ranges.
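The monitoring described above, written out as a small detection routine. This is an added example, not code from Restajet or from the advisory: it assumes a constructed access-log format (timestamp, client IP, method, path, user, status) and the hypothetical endpoint paths /password-reset/verify and /login, and flags bursts of failed reset attempts per IP and per account plus a successful reset followed by a login from an IP the account has never used before.

```python
"""Detection sketch for the monitoring recommended in the advisory.
Log format, endpoint paths and sample lines are constructed for this
example; adapt parse_line() to the real server's log layout."""
from collections import defaultdict, deque
from datetime import datetime, timedelta

FAIL_THRESHOLD = 5                      # failed reset attempts ...
FAIL_WINDOW = timedelta(minutes=5)      # ... within this window -> alert
POST_RESET_WINDOW = timedelta(minutes=10)  # reset -> login gap considered "immediate"

# Constructed sample log (not real Restajet logs), in chronological order.
SAMPLE_LOG = """\
2025-03-02T09:00:00Z 192.0.2.44 POST /login user=bob status=200
2025-03-02T10:00:01Z 198.51.100.7 POST /login user=alice status=200
2025-03-02T10:05:00Z 203.0.113.5 POST /password-reset/verify user=alice status=401
2025-03-02T10:05:01Z 203.0.113.5 POST /password-reset/verify user=alice status=401
2025-03-02T10:05:02Z 203.0.113.5 POST /password-reset/verify user=alice status=401
2025-03-02T10:05:03Z 203.0.113.5 POST /password-reset/verify user=alice status=401
2025-03-02T10:05:04Z 203.0.113.5 POST /password-reset/verify user=alice status=401
2025-03-02T10:05:05Z 203.0.113.5 POST /password-reset/verify user=alice status=200
2025-03-02T10:05:30Z 203.0.113.5 POST /login user=alice status=200
2025-03-02T11:00:00Z 192.0.2.44 POST /password-reset/verify user=bob status=401
2025-03-02T11:20:00Z 192.0.2.44 POST /password-reset/verify user=bob status=200
2025-03-02T11:20:10Z 192.0.2.44 POST /login user=bob status=200
"""


def parse_line(line):
    """Split one constructed-format log line into a dict of typed fields."""
    ts, ip, method, path, user_kv, status_kv = line.split()
    return {
        "ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
        "ip": ip,
        "method": method,
        "path": path,
        "user": user_kv.split("=", 1)[1],
        "status": int(status_kv.split("=", 1)[1]),
    }


def detect(log_text):
    """Return a list of (timestamp, rule, subject) alerts, one per rule/subject."""
    alerts = []
    fails_by_ip = defaultdict(deque)     # ip   -> timestamps of recent failures
    fails_by_user = defaultdict(deque)   # user -> timestamps of recent failures
    known_login_ips = defaultdict(set)   # user -> IPs seen on earlier successful logins
    pending_reset = {}                   # user -> time of last successful reset
    alerted = set()                      # (rule, subject) pairs already reported

    for line in log_text.splitlines():
        if not line.strip():
            continue
        ev = parse_line(line)

        if ev["path"] == "/password-reset/verify":
            if ev["status"] != 200:
                # Rule 1/2: sliding-window count of failures per IP and per account.
                for rule, key, store in (("reset_burst_ip", ev["ip"], fails_by_ip),
                                         ("reset_burst_user", ev["user"], fails_by_user)):
                    window = store[key]
                    window.append(ev["ts"])
                    while ev["ts"] - window[0] > FAIL_WINDOW:
                        window.popleft()
                    if len(window) >= FAIL_THRESHOLD and (rule, key) not in alerted:
                        alerted.add((rule, key))
                        alerts.append((ev["ts"], rule, key))
            else:
                pending_reset[ev["user"]] = ev["ts"]

        elif ev["path"] == "/login" and ev["status"] == 200:
            # Rule 3: successful reset followed soon after by a login from an
            # IP this account has never logged in from before.
            reset_ts = pending_reset.get(ev["user"])
            history = known_login_ips[ev["user"]]
            if (reset_ts is not None
                    and ev["ts"] - reset_ts <= POST_RESET_WINDOW
                    and history and ev["ip"] not in history):
                alerts.append((ev["ts"], "reset_then_login_from_new_ip", ev["user"]))
            history.add(ev["ip"])

    return alerts


if __name__ == "__main__":
    for ts, rule, subject in detect(SAMPLE_LOG):
        print(f"{ts.isoformat()} {rule} {subject}")
```

Rule 3 deliberately stays quiet for an account with no login history, since there is no baseline to compare against; in production the "unusual location" check would be backed by a GeoIP lookup rather than exact-IP matching, and the thresholds should be tuned to the site's normal reset volume.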
Compensating Controls: If immediate patching is not feasible, implement a Web Application Firewall (WAF) with rules to enforce rate-limiting on the password recovery endpoint. Enforcing multi-factor authentication (MFA) for all user accounts would also serve as a strong compensating control, as a compromised password alone would not be sufficient for an attacker to gain access.
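The flaw in the Vulnerability section and the rate-limiting control recommended above, shown as code. This is an added illustration, not the vendor's implementation: the RecoveryService class, its method names and the limits are all assumptions. It contrasts the unlimited-attempt check the advisory describes with a recovery flow that issues high-entropy single-use tokens, expires them, caps attempts per token, compares in constant time, and rate-limits each client on both the request and verify steps (the same effect a WAF rule on the recovery endpoint provides).

```python
"""Illustrative hardened password-recovery verification (not Restajet's code)."""
import hmac
import secrets
import time
from collections import defaultdict, deque
from dataclasses import dataclass
from typing import Optional

MAX_ATTEMPTS = 5      # wrong guesses allowed before the token is discarded
TOKEN_TTL = 15 * 60   # seconds a recovery token stays valid
RATE_LIMIT = 10       # recovery requests per client (e.g. source IP) ...
RATE_WINDOW = 60      # ... per this many seconds


def verify_unlimited(stored: str, presented: str) -> bool:
    """The flawed pattern the advisory describes: no attempt counter, no
    expiry, no rate limit, so guesses can continue until one matches."""
    return stored == presented


@dataclass
class ResetToken:
    value: str
    expires_at: float
    attempts: int = 0
    used: bool = False


class RecoveryService:
    def __init__(self, clock=time.time):
        self.clock = clock                      # injectable for testing
        self.tokens: dict = {}                  # user -> outstanding ResetToken
        self.requests: dict = defaultdict(deque)  # client -> recent request times

    def _rate_limited(self, client: str) -> bool:
        """Sliding-window limiter: at most RATE_LIMIT requests per RATE_WINDOW."""
        window = self.requests[client]
        now = self.clock()
        while window and now - window[0] > RATE_WINDOW:
            window.popleft()
        if len(window) >= RATE_LIMIT:
            return True
        window.append(now)
        return False

    def issue(self, client: str, user: str) -> Optional[str]:
        """Create a fresh token for the user; None if the client is rate-limited."""
        if self._rate_limited(client):
            return None
        # 32 random bytes: the token space cannot be enumerated even without limits.
        token = ResetToken(secrets.token_urlsafe(32), self.clock() + TOKEN_TTL)
        self.tokens[user] = token   # replaces any outstanding token for the user
        return token.value

    def verify(self, client: str, user: str, presented: str) -> str:
        """Return 'ok', 'rate_limited', 'locked', 'expired' or 'invalid'."""
        if self._rate_limited(client):
            return "rate_limited"
        token = self.tokens.get(user)
        if token is None or token.used:
            return "invalid"            # same answer whether or not a token exists
        if self.clock() > token.expires_at:
            del self.tokens[user]
            return "expired"
        token.attempts += 1
        if token.attempts > MAX_ATTEMPTS:
            del self.tokens[user]       # lockout: the user must request a new token
            return "locked"
        if hmac.compare_digest(token.value.encode(), presented.encode()):
            token.used = True           # single use
            return "ok"
        return "invalid"


def demo():
    """Six wrong guesses against one token: five 'invalid', then 'locked';
    afterwards even the real token is refused because it was discarded."""
    now = [1_000.0]
    svc = RecoveryService(clock=lambda: now[0])
    real = svc.issue("203.0.113.5", "alice")
    results = [svc.verify("203.0.113.5", "alice", f"wrong-{i}") for i in range(6)]
    late = svc.verify("203.0.113.5", "alice", real)
    return results, late


if __name__ == "__main__":
    print(demo())
```

Two design points matter here: the attempt counter lives on the token rather than on the session, so an attacker cannot reset it by opening a new session, and the request step is rate-limited as well as the verify step, so re-issuing tokens is not a way around the per-token cap.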
Exploitation status
Public Exploit Available: false
Analyst recommendation
Given the critical CVSS score of 9.1 and the high potential for account compromise and data theft, it is strongly recommended that organizations prioritize the immediate deployment of the vendor-provided patch. Although this vulnerability is not currently listed on the CISA KEV list, its severity warrants urgent attention. In the interim, organizations should implement the recommended compensating controls, such as WAF rate-limiting and MFA, to mitigate risk.