CVE-2025-10161 PoC — Authentication Bypass in Turkguven's Perfektive

Source

Associated Vulnerability

Description

Authentication Bypass in Turkguven's Perfektive

Readme

# CVE-2025-10161
Authentication Bypass in Turkguven's Perfektive

# Description
Improper Restriction of Excessive Authentication Attempts, Client-Side Enforcement of Server-Side Security, Reliance on Untrusted Inputs in a Security Decision vulnerability in Turkguven Software Technologies Inc. Perfektive allows Brute Force, Authentication Bypass, Functionality Bypass.This issue affects Perfektive: before Version: 12574 Build: 2701.

# CWE
CWE-307: CWE-307 Improper Restriction of Excessive Authentication Attempts
CWE-602: CWE-602 Client-Side Enforcement of Server-Side Security
CWE-807: CWE-807 Reliance on Untrusted Inputs in a Security Decision

# CVSS
| Score | Severity | Version | Vector String                              |
|--------|-----------|----------|--------------------------------------------|
| 7.3    | HIGH      | 3.1      | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |

# Versions
- Affected from 0 before Version: 12574 Build: 2701

# Credits
- Ferit ÖZNER

# References
https://www.usom.gov.tr/bildirim/tr-25-0387

### CVE 
https://www.cve.org/CVERecord?id=CVE-2025-10161

### NIST
https://nvd.nist.gov/vuln/detail/CVE-2025-10161

File Snapshot

 [4.0K]  /data/pocs/c6e3b0ebf392c76408411537b0216664582a2ee2
├── [4.0K]  img
│   ├── [101K]  1.png
│   ├── [342K]  2.png
│   ├── [334K]  3.png
│   ├── [372K]  4.png
│   └── [178K]  5.png
├── [ 552]  POC.md
└── [1.2K]  README.md

2 directories, 7 files

Remarks