Authentication Bypass Vulnerability in Akinsoft OctoCloud
CVE-2025-2414

8.6HIGH

Key Information:

Vendor: Akinsoft
Status: Octocloud
Vendor: CVE Published:; 2 September 2025

What is CVE-2025-2414?

An improper restriction of excessive authentication attempts in Akinsoft's OctoCloud can lead to authentication bypass. This vulnerability allows attackers to gain unauthorized access by exploiting weak authentication controls present in version s1.09.03, prior to v1.11.01, thereby compromising the security of the system.

Affected Version(s)

OctoCloud s1.09.03

References

https://www.usom.gov.tr/bildirim/tr-25-0203

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 2, 2025
Vulnerability Reserved
Mar 17, 2025

Credit

Berat ARSLAN