CVE-2025-54542
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-28

Last updated on: 2025-09-08

Assigner: CERT.PL

Description
QuickCMS sends password and login via GET Request. This allows a local attacker with access to the victim's browser history to obtain the necessary credentials to log in as the user. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.8 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-28
Last Modified
2025-09-08
Generated
2026-05-07
AI Q&A
2025-08-28
EPSS Evaluated
2026-05-05
NVD
CVE-2025-54542
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
opensolution quick.cms 6.8
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-598 The web application uses the HTTP GET method to process a request and includes sensitive information in the query string of that request.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability in QuickCMS version 6.8 involves sending login credentials (username and password) via HTTP GET requests. Because GET requests include data in the URL, these credentials are stored in the browser history. A local attacker with access to the victim's browser history can retrieve these credentials and log in as the user, leading to unauthorized access. [1]


How can this vulnerability impact me? :

If exploited, this vulnerability allows a local attacker who can access the victim's browser history to obtain the user's login credentials. This can lead to unauthorized access to the user's account, potentially compromising sensitive information and user data within QuickCMS. [1]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by inspecting HTTP traffic for GET requests that include login credentials in the URL query string. On a system, checking the browser history for URLs containing sensitive information like usernames and passwords can also reveal the issue. Network monitoring tools like Wireshark or tcpdump can be used to capture HTTP GET requests and filter for suspicious query parameters. For example, using tcpdump: tcpdump -i <interface> -A 'tcp port 80' | grep 'GET' and then inspecting URLs for credential parameters. On the system, commands like 'grep -i "password" ~/.mozilla/firefox/*/places.sqlite' or checking browser history files for URLs containing login information may help detect exposure. [1]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include avoiding the use of QuickCMS version 6.8 or any untested versions until a fix is available. Users should clear their browser history to remove stored URLs containing credentials. Additionally, avoid logging in over insecure networks and consider using alternative authentication methods that do not expose credentials in URLs. Monitoring and restricting local access to the victim's machine can also reduce risk. Applying any vendor patches or updates once available is recommended. [1]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart