CVE-2025-63747

Critical CVSS: 9.8

QaTraq 6.9.2 ships with administrative account credentials which are enabled in default installations and permit immediate login via the web application login page. Because the account provides administrative privileges in the default configuration, an attacker who can reach the login page can gain administrative access.

Vendor

Testmanagement

Product

Qatraq

CWE

CWE-521

Yayın Tarihi

2025-11-17 16:15:50

Güncelleme

2025-11-26 15:50:35

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-521 Qatraq CRITICAL Testmanagement 2025

Referanslar

http://qatraq.com https://bitsbyamg.com/blog/post/2025/10/19/qatraq-692-default-creds-and-file-upload-rce