VYPR
Vendor

CAP

Products
1
CVEs
5
Across products
5
Status
Private

Products

1

Recent CVEs

5
  • CVE-2025-29995HigMar 13, 2025
    risk 0.54cvss epss 0.00

    This vulnerability exists in the CAP back office application due to a weak password-reset mechanism implemented at API endpoints. An authenticated remote attacker with a valid login ID could exploit this vulnerability through vulnerable API endpoint which could lead to account…

  • CVE-2025-29998HigMar 13, 2025
    risk 0.53cvss epss 0.00

    This vulnerability exists in the CAP back office application due to missing rate limiting on OTP requests in an API endpoint. An authenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoint which could lead to the…

  • CVE-2025-29997HigMar 13, 2025
    risk 0.53cvss epss 0.00

    This vulnerability exists in the CAP back office application due to improper authorization checks on certain API endpoints. An authenticated remote attacker could exploit this vulnerability by manipulating API request URL to gain unauthorized access to other user accounts.

  • CVE-2025-29996HigMar 13, 2025
    risk 0.53cvss epss 0.00

    This vulnerability exists in the CAP back office application due to improper implementation of OTP verification mechanism in its API based login. A remote attacker with valid credentials could exploit this vulnerability by manipulating API request URL/payload. Successful…

  • CVE-2025-29994HigMar 13, 2025
    risk 0.53cvss epss 0.00

    This vulnerability exists in the CAP back office application due to improper authentication check at the API endpoint. An unauthenticated remote attacker with a valid login ID could exploit this vulnerability by manipulating API input parameters through API request URL/payload…