CVE-2025-40712 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete…
Critical CVSS: 9.3

CVE-2025-40712

SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This vulnerability allows an attacker to retrieve, create, update and delete databases through the id_concesion parameter in /<Client>FacturaE/DescargarFactura.
Vendor
Quiter
Product
Quiter Gateway
CWE
CWE-89
Yayın Tarihi
2025-07-08 12:15:22
Güncelleme
2025-10-15 19:32:41
Source Identifier
cve-coordination@incibe.es
KEV Date Added
-

Kategoriler

CWE-89 Quiter Gateway CRITICAL Quiter 2025

Referanslar

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-quiterweb-autoweb-quiter