CVE 9.8 CRITICAL

CVE-2025-63747_CVE-2025-63747

November 17, 2025 invoker category_cve

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

QaTraq 6.9.2 ships with administrative account credentials which are enabled in default installations and permit immediate login via the web application login page. Because the account provides administrative privileges in the default configuration, an attacker who can reach the login page can gain administrative access.

AI Analysis

Default administrative account credentials in QaTraq 6.9.2 allow for immediate login and administrative access.

Basic Information

ID CVE-2025-63747

Source mitre

Published Nov 17, 2025 at 00:00

Modified Nov 17, 2025 at 19:42

Affected Product

Vendor QaTraq

Product QaTraq

Version 6.9.2

Affected Versions n/a n/a n/a

CWE Classification

CWE-521

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor QaTraq

Product QaTraq

Version 6.9.2

References

{
    "lastseen": "",
    "description": "QaTraq 6.9.2 ships with administrative account credentials which are enabled in default installations and permit immediate login via the web application login page. Because the account provides administrative privileges in the default configuration, an attacker who can reach the login page can gain administrative access.",
    "published": "2025-11-17T00:00:00.000Z",
    "modified": "2025-11-17T19:42:04.128Z",
    "type": "cve",
    "title": "CVE-2025-63747",
    "source": "mitre",
    "references": "http://qatraq.com\nhttps://bitsbyamg.com/blog/post/2025/10/19/qatraq-692-default-creds-and-file-upload-rce",
    "id": "CVE-2025-63747",
    "bulletinFamily": "",
    "cwe": [
        "CWE-521"
    ],
    "cvelist": null,
    "sourceData": "n/a n/a n/a",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "QaTraq",
    "version": "6.9.2",
    "vendor": "QaTraq",
    "ai_description": "Default administrative account credentials in QaTraq 6.9.2 allow for immediate login and administrative access.",
    "ai_severity": "Critical",
    "ai_vendor": "QaTraq",
    "ai_product": "QaTraq",
    "ai_version": "6.9.2",
    "ai_score": 9.8
}

💭 Join the Security Discussion ❌ Cancel Reply