IDOR in Akınsoft QRMenu_CVE-2025-9902

7.5 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Description

Authorization Bypass Through User-Controlled Key vulnerability in AKIN Software Computer Import Export Industry and Trade Co. Ltd. QRMenu allows Privilege Abuse.This issue affects QRMenu: from 1.05.12 before Version dated 05.09.2025.

Basic Information

ID CVE-2025-9902

Source TR-CERT

Published Oct 13, 2025 at 13:06

Affected Product

Vendor AKIN Software Computer Import Export Industry and Trade Co. Ltd.

Product QRMenu

Version 1.05.12

Affected Versions AKIN Software Computer Import Export Industry and Trade Co. Ltd. QRMenu 1.05.12

CWE Classification

CWE-639

References

www.usom.gov.tr /bildirim/tr-25-0333

{
    "lastseen": "",
    "description": "Authorization Bypass Through User-Controlled Key vulnerability in AKIN Software Computer Import Export Industry and Trade Co. Ltd. QRMenu allows Privilege Abuse.This issue affects QRMenu: from 1.05.12 before Version dated 05.09.2025.",
    "published": "2025-10-13T13:06:53.001Z",
    "modified": "2025-10-13T13:06:53.001Z",
    "type": "cve",
    "title": "IDOR in Ak\u0131nsoft QRMenu",
    "source": "TR-CERT",
    "references": "https://www.usom.gov.tr/bildirim/tr-25-0333",
    "id": "CVE-2025-9902",
    "bulletinFamily": "",
    "cwe": [
        "CWE-639"
    ],
    "cvelist": null,
    "sourceData": "AKIN Software Computer Import Export Industry and Trade Co. Ltd. QRMenu 1.05.12",
    "sourceHref": "",
    "cvss": {
        "score": 7.5,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "QRMenu",
    "version": "1.05.12",
    "vendor": "AKIN Software Computer Import Export Industry and Trade Co. Ltd.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}