CVE-2025-63747

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-63747

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-63747.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-63747

Published

2025-11-17T16:15:50.463Z

Modified

2026-03-13T03:40:54.359015Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

QaTraq 6.9.2 ships with administrative account credentials which are enabled in default installations and permit immediate login via the web application login page. Because the account provides administrative privileges in the default configuration, an attacker who can reach the login page can gain administrative access.

References

Affected packages

Git /

Affected ranges

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-63747.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "6.9.2"
            }
        ]
    }
]