Vulnerability in Rising Technosoft Cap Back Office Application
CVE-2025-29998
This vulnerability exists in the CAP back office application due to missing rate limiting on OTP requests in an API endpoint. An authenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnera…
EPSS: 0.004 (27.5th percentile) — read the EPSS interpretation.
Affected products
- Rising Technosoft Cap Back Office Application — versions <2.0.4
Weakness classification (CWE)
Public proof-of-concept exploits
References
- vdisclose@cert-in.org.in (third-party-advisory)
Frequently asked questions
- What is CVE-2025-29998?
- CVE-2025-29998 is a vulnerability in Rising Technosoft Cap Back Office Application, classified under CWE-799. Published 2025-03-13.
- Is CVE-2025-29998 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.