CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-60424

A lack of rate limiting in the OTP verification component of Nagios Fusion v2024R1.2 and v2024R2 allows attackers to bypass authentication via a bruteforce attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.3%

CVSS Severity

CVSS v3 Score 7.6

References

https://github.com/aakashtyal/2FA-Bypass-using-a-Brute-Force-Attack
https://github.com/aakashtyal/2FA-Bypass-using-a-Brute-Force-Attack-CVE-2025-60424
https://www.nagios.com/changelog/#fusion

Products affected by CVE-2025-60424

Nagios » Fusion » Version: 2024

cpe:2.3:a:nagios:fusion:2024

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-60424

Products

Pricing

Contact Us