CVE-2025-60424

Published: Oct 27, 2025

Modified: Oct 27, 2025

PUBLISHED

Description

A lack of rate limiting in the OTP verification component of Nagios Fusion v2024R1.2 and v2024R2 allows attackers to bypass authentication via a bruteforce attack.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/aakashtyal/2FA-Bypass-using-a-Brute-Force-Attack

https://www.nagios.com/changelog/#fusion

https://github.com/aakashtyal/2FA-Bypass-using-a-Brute-Force-Attack-CVE-2025-60424

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-60424

Description

Affected Products

References