Vulnerability in Rising Technosoft Cap Back Office Application

CVE-2025-29998

This vulnerability exists in the CAP back office application due to missing rate limiting on OTP requests in an API endpoint. An authenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnera…

EPSS: 0.004 (27.5th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2025-29998?
CVE-2025-29998 is a vulnerability in Rising Technosoft Cap Back Office Application, classified under CWE-799. Published 2025-03-13.
Is CVE-2025-29998 known to be exploited?
1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.