CVE-2025-34143— ETQ Reliance CG Authentication Bypass via Trailing Space RCE
Public Exploits 1
Nuclei · 1 CVE-2025-34143.yaml [template]
Affected Version Matrix 1
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| ETQ | Reliance CG (legacy) | < MP-4583 | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-34143
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ETQ Reliance CG Authentication Bypass via Trailing Space RCE
Source: NVD (National Vulnerability Database)
Vulnerability Description
An authentication bypass vulnerability exists in ETQ Reliance on the CG (legacy) platform. The application allowed login as the privileged internal SYSTEM user by manipulating the username field. The SYSTEM account does not require a password, enabling attackers with network access to the login page to obtain elevated access. Once authenticated, an attacker could achieve remote code execution by modifying Jython scripts within the application. This issue was resolved by introducing stricter validation logic to exclude internal accounts from public authentication workflows in version MP-4583.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用候选路径或通道进行的认证绕过
Source: NVD (National Vulnerability Database)
Vulnerability Title
ETQ Reliance CG 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
ETQ Reliance CG是美国ETQ公司的一款质量管理系统。 ETQ Reliance CG存在安全漏洞,该漏洞源于通过操纵用户名字段可以绕过身份验证登录为特权内部SYSTEM用户,可能导致远程代码执行。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| ETQ | Reliance CG (legacy) | 0 ~ MP-4583 | - |
II. Public POCs for CVE-2025-34143
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | An authentication bypass vulnerability exists in ETQ Reliance on the CG (legacy) platform. The application allowed login as the privileged internal SYSTEM user by manipulating the username field. The SYSTEM account does not require a password, enabling attackers with network access to the login page to obtain elevated access. Once authenticated, an attacker could achieve remote code execution by modifying Jython scripts within the application. This issue was resolved by introducing stricter validation logic to exclude internal accounts from public authentication workflows in version MP-4583. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-34143.yaml | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-34143
请登录查看更多情报信息。
Security Blog Posts for CVE-2025-34143 (1)
Other References for CVE-2025-34143 (1)
Same Patch Batch · ETQ · 2025-07-22 · 4 CVEs total
| CVE-2025-34141 | ETQ Reliance CG < SE.2025.1 Reflected XSS in `SQLConverterServlet` | |
| CVE-2025-34140 | ETQ Reliance CG/NXG API Authorization Bypass via ;localized-text URI Suffix | |
| CVE-2025-34142 | ETQ Reliance CG < SE.2025.1 / < 2025.1.2 XXE Injection in SSO SAML Handler |
IV. Related Vulnerabilities
Same weakness: CWE-288
- CVE-2026-35090
Authentication Bypass in Slican telephone exchanges - CVE-2026-35087
Authentication Bypass in Slican telephone exchanges - CVE-2026-42749
WordPress Disable Comments for Any Post Types (Remove commen - CVE-2026-42760
WordPress Backup and Staging by WP Time Capsule plugin <= 1. - CVE-2026-42745
WordPress Smart Online Order for Clover plugin <= 1.6.0 - Br
V. Comments for CVE-2025-34143
No comments yet