Authentication Bypass Vulnerability in Akinsoft LimonDesk
CVE-2025-2416

8.6HIGH

Key Information:

Vendor: Akinsoft
Status: Limondesk
Vendor: CVE Published:; 3 September 2025

What is CVE-2025-2416?

The Akinsoft LimonDesk software is vulnerable to an improper restriction of excessive authentication attempts, allowing unauthorized users to bypass the authentication mechanism. This issue affects versions s1.02.14 through s1.02.16, enabling attackers to exploit this flaw and gain access to sensitive functionalities without proper credentials. Users are advised to upgrade to version 1.02.17 or later to mitigate the risk associated with this vulnerability.

Affected Version(s)

LimonDesk s1.02.14

References

https://www.usom.gov.tr/bildirim/tr-25-0206

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 3, 2025
Vulnerability Reserved
Mar 17, 2025

Credit

Berat ARSLAN