CVE-2025-60375

Published: Oct 9, 2025

Modified: Oct 10, 2025

PUBLISHED

Description

The authentication mechanism in Perfex CRM before 3.3.1 allows attackers to bypass login credentials due to insufficient server-side validation. By sending empty username and password parameters in the login request, an attacker can gain unauthorized access to user accounts, including administrative accounts, without providing valid credentials.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/AhamedYaseen03/CVE-2025-60375

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-60375

Description

Affected Products

References