
CVE-2025-26342 — AI Deep Analysis Summary

CVSS 9.8 · Critical

Q1 What is this vulnerability? (Essence + Consequences)

🚨 **Essence**: Critical access-control flaw in the Q-Free MAXTIME Suite.
💥 **Consequences**: Attackers can create **arbitrary users**, including **Admins**, without authentication. Total system compromise is possible.

Q2 Root Cause? (CWE/Flaw)

๐Ÿ›ก๏ธ **Root Cause**: **CWE-306** (Missing Authentication for Critical Function). <br>๐Ÿ” **Flaw**: The `maxprofile/accounts/routes.lua` script lacks identity verification checks.

Q3 Who is affected? (Versions/Components)

📦 **Affected**: **Q-Free MAXTIME Suite**.
📅 **Versions**: **2.11.0** and all **prior versions**.
🏭 **Vendor**: Q-Free (Traffic Signal Management).

Q4 What can hackers do? (Privileges/Data)

👑 **Privileges**: Attackers gain **Full Admin Access**.
📂 **Data**: Can create **any user account**.
⚠️ **Impact**: CVSS score is **Critical (9.8)**. Full Confidentiality, Integrity, and Availability loss.

Q5 Is the exploitation threshold high? (Auth/Config)

📉 **Threshold**: **VERY LOW**.
🔓 **Auth**: **None required** (PR:N).
🌐 **Network**: Remote (AV:N).
🖱️ **UI**: No user interaction needed (UI:N).

Q6 Is there a public Exp? (PoC/Wild Exploitation)

📜 **Public Exp?**: **No PoC provided** in the source data.
🌐 **Wild Exp**: Unknown status.
🔗 **Ref**: Nozomi Networks advisory available for context.

Q7 How to self-check? (Features/Scanning)

๐Ÿ” **Self-Check**: Scan for **Q-Free MAXTIME Suite** services. <br>๐Ÿ•ธ๏ธ **Target**: Check HTTP requests to `maxprofile/accounts/routes.lua`. <br>โš ๏ธ **Test**: Attempt user creation without login tokens.

Q8 Is it fixed officially? (Patch/Mitigation)

๐Ÿ› ๏ธ **Fix**: Update to a **patched version** (post-2.11.0). <br>โœ… **Official**: Vendor advisory implies patch availability. <br>๐Ÿ“ฅ **Action**: Check Q-Free support portal for updates.

Q9 What if no patch? (Workaround)

🚧 **No Patch?**: Implement **Network ACLs**.
🔒 **Block**: Restrict access to `routes.lua` endpoints.
👮 **Monitor**: Alert on unauthorized user creation attempts.
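As an added illustration of the monitoring point (example code written for this summary, not part of the advisory or of Q-Free's product): a log filter that flags POST requests to the `routes.lua` endpoint that carry no session cookie or originate outside a management subnet, which is the traffic the CWE-306 flaw lets through. The access-log layout, the `session` cookie name, the leading slash on the path and the `10.0.5.0/24` allowlist are assumptions, and the sample log lines are constructed.

```python
import re

# Endpoint named in the CVE-2025-26342 advisory (leading slash assumed).
ROUTES_PATH = "/maxprofile/accounts/routes.lua"
ALLOWED_PREFIXES = ("10.0.5.",)   # assumed management subnet allowed to reach it
SESSION_COOKIE = "session="       # assumed (hypothetical) MAXTIME session cookie name

# Constructed reverse-proxy access log: Combined-Log-style fields plus the
# request's Cookie header as the last quoted field ("-" when absent).
SAMPLE_LOG = """\
10.0.5.20 - - [12/Mar/2025:09:14:02 +0000] "POST /maxprofile/accounts/routes.lua HTTP/1.1" 200 512 "session=abc123"
203.0.113.7 - - [12/Mar/2025:09:15:44 +0000] "POST /maxprofile/accounts/routes.lua HTTP/1.1" 200 498 "-"
10.0.5.21 - - [12/Mar/2025:09:16:10 +0000] "GET /maxprofile/dashboard HTTP/1.1" 200 2048 "session=def456"
198.51.100.9 - - [12/Mar/2025:09:17:31 +0000] "POST /maxprofile/accounts/routes.lua?action=create HTTP/1.1" 200 503 "-"
not a log line at all
"""

LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ "(?P<cookie>[^"]*)"$'
)


def parse_line(line):
    """Return the log fields as a dict, or None for lines that do not match."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def find_unauth_account_requests(log_text, allowed_prefixes=ALLOWED_PREFIXES):
    """Flag POSTs to the accounts endpoint that carry no session cookie or come
    from outside the allowed subnet. A 200 on such a request means the server
    accepted it, which is the CWE-306 behaviour the advisory describes."""
    alerts = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["method"] != "POST":
            continue
        if rec["path"].split("?", 1)[0] != ROUTES_PATH:   # ignore query string
            continue
        reasons = []
        if SESSION_COOKIE not in rec["cookie"]:
            reasons.append("no-session-cookie")
        if not rec["src"].startswith(allowed_prefixes):
            reasons.append("source-outside-allowlist")
        if reasons:
            alerts.append({"src": rec["src"], "ts": rec["ts"],
                           "accepted": rec["status"] == "200", "reasons": reasons})
    return alerts
```

On the constructed log this returns the two external, cookieless POSTs, both marked `accepted` because the server answered 200; a patched or ACL-protected deployment should answer such requests with 401/403 or not see them at all.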

Q10 Is it urgent? (Priority Suggestion)

🔥 **Urgency**: **CRITICAL / IMMEDIATE**.
⚡ **Priority**: **P0**.
🚨 **Reason**: Remote, unauthenticated, full admin takeover. Patch immediately!