CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-69615

Incorrect Access Control via missing 2FA rate-limiting allowing unlimited brute-force retries and full MFA bypass with no user interaction required. Affected Product: Deutsche Telekom AG Telekom Account Management Portal, versions before 2025-10-24, fixed 2025-11-03.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 3.9%

CVSS Severity

CVSS v3 Score 9.1

References

https://gist.github.com/ethicalrohitt/b3e6d071aac8530459e8b3a5720bb832
https://www.telekom.com/en/company/data-privacy-and-security/news/acknowledgements-358300#R

Products affected by CVE-2025-69615

Telekom » Account Management Portal » Version: Any

cpe:2.3:a:telekom:account_management_portal:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-69615

Products

Pricing

Contact Us