exploitDog

CVE-2025-63747

Опубликовано: 17 нояб. 2025

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

QaTraq 6.9.2 ships with administrative account credentials which are enabled in default installations and permit immediate login via the web application login page. Because the account provides administrative privileges in the default configuration, an attacker who can reach the login page can gain administrative access.

Ссылки

http://qatraq.com
Broken Link
https://bitsbyamg.com/blog/post/2025/10/19/qatraq-692-default-creds-and-file-upload-rce
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:testmanagement:qatraq:6.9.2:*:*:*:*:*:*:*

EPSS

Процентиль: 24%

0.0008

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-521

Связанные уязвимости

GHSA-93rm-c2r8-5v86

CVSS3: 9.8

github

3 месяца назад

QaTraq 6.9.2 ships with administrative account credentials which are enabled in default installations and permit immediate login via the web application login page. Because the account provides administrative privileges in the default configuration, an attacker who can reach the login page can gain administrative access.

EPSS

Процентиль: 24%

0.0008

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-521