QwikSec

Security Database

CVE

CWE

Training

CVE-2025-42601

Published: Apr 23, 2025

Modified: Apr 23, 2025

PUBLISHED

Description

This vulnerability exists in Meon KYC solutions due to insufficient server-side validation of the Captcha in certain API endpoints. A remote attacker could exploit this vulnerability by intercepting the request and removing the Captcha parameter leading to bypassing the Captcha verification mechanism.

Vendor	Product	Versions
Meon	KYC solutions	affected `1.1`

Weaknesses (CWE)

References

https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2025-0082

third-party-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.