High severityNVD Advisory· Published Mar 13, 2025· Updated Apr 15, 2026
CVE-2025-29996
CVE-2025-29996
Description
This vulnerability exists in the CAP back office application due to improper implementation of OTP verification mechanism in its API based login. A remote attacker with valid credentials could exploit this vulnerability by manipulating API request URL/payload. Successful exploitation of this vulnerability could allow the attacker to bypass Two-Factor Authentication (2FA) for other user accounts.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.