VYPR
Critical severity9.1NVD Advisory· Published Mar 10, 2026· Updated May 7, 2026

CVE-2025-69615

CVE-2025-69615

Description

Incorrect Access Control via missing 2FA rate-limiting allowing unlimited brute-force retries and full MFA bypass with no user interaction required. Affected Product: Deutsche Telekom AG Telekom Account Management Portal, versions before 2025-10-24, fixed 2025-11-03.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • cpe:2.3:a:telekom:account_management_portal:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:telekom:account_management_portal:*:*:*:*:*:*:*:*range: <=2025-10-24
    • (no CPE)range: <2025-10-24
  • Deutsche Telekom AG/Telekom Account Management Portaldescription

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.