CVE-2025-63747

9.8 CRITICAL

📋 TL;DR

QaTraq 6.9.2 ships with default administrative credentials that are enabled in fresh installations. This allows attackers who can access the login page to immediately gain administrative privileges. All organizations running QaTraq 6.9.2 with default settings are affected.

💻 Affected Systems

Products:
  • QaTraq
Versions: 6.9.2
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects fresh installations or systems where default credentials were not changed. The vulnerability exists in the default configuration shipped with the software.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise with administrative access leading to data theft, ransomware deployment, or complete system takeover.

🟠 Likely Case

Attackers gain administrative control, modify configurations, access sensitive data, and potentially execute remote code via file upload functionality.

🟢 If Mitigated

Limited to unauthorized administrative access without ability to escalate further or access critical systems.

🌐 Internet-Facing: HIGH - Default credentials allow immediate administrative access to any internet-facing QaTraq instance.
🏢 Internal Only: HIGH - Internal attackers or compromised internal systems can gain administrative privileges.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires only knowledge of default credentials and access to the login page. The referenced blog post demonstrates file upload RCE after authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: http://qatraq.com

Restart Required: No

Instructions:

1. Change default administrative credentials immediately.
2. Disable or delete the default administrative account if it is not needed.
3. Monitor the vendor website for security updates.

🔧 Temporary Workarounds

Change Default Credentials (Platforms: all)

Immediately change the default administrative password to a strong, unique password.

How: Use the QaTraq administrative interface to change the password.

Network Access Control (Platforms: all)

Restrict access to the QaTraq login page to authorized IP addresses only.

How: Configure firewall rules to limit access to the QaTraq port.

🧯 If You Can't Patch

  • Isolate QaTraq system on separate network segment with strict access controls
  • Implement multi-factor authentication if supported, or use VPN with strong authentication for access

🔍 How to Verify

Check if Vulnerable:

Attempt to log into QaTraq web interface using default administrative credentials (check vendor documentation for defaults).

Check Version:

Check the QaTraq web interface footer or about page for version information.

Verify Fix Applied:

Verify default credentials no longer work and only authorized accounts can access administrative functions.

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed login attempts followed by successful login with default credentials
  • Administrative actions from unexpected IP addresses

Network Indicators:

  • Unusual traffic patterns to QaTraq login page from external sources

SIEM Query:

source="qatraq" AND ((event="login_success" AND user="admin") OR (event="file_upload" AND user="admin"))
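The log indicators above (a burst of failed logins followed by a successful login on the default account, and administrative actions from unexpected addresses) can be turned into a small stand-alone detector. The following is an added example, not code from the advisory or from the QaTraq project: the key=value log format, the field names, the `admin` account name (taken from the SIEM query above), the trusted network prefix and the thresholds are all constructed assumptions, and a real deployment would map the fields to QaTraq's actual web-server or application logs.

```python
# Added example: detector for the log indicators listed in this advisory.
# The log format, field names, trusted networks and thresholds are
# constructed assumptions, not QaTraq's real log schema.
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines in a hypothetical "<timestamp> key=value ..." format.
SAMPLE_LOGS = """\
2025-01-10T09:00:01Z source=qatraq event=login_failure user=admin src_ip=198.51.100.7
2025-01-10T09:00:03Z source=qatraq event=login_failure user=admin src_ip=198.51.100.7
2025-01-10T09:00:05Z source=qatraq event=login_failure user=admin src_ip=198.51.100.7
2025-01-10T09:00:09Z source=qatraq event=login_success user=admin src_ip=198.51.100.7
2025-01-10T09:01:30Z source=qatraq event=file_upload user=admin src_ip=198.51.100.7
2025-01-10T10:15:00Z source=qatraq event=login_success user=qa_lead src_ip=10.0.5.12
2025-01-10T10:16:00Z source=qatraq event=config_change user=qa_lead src_ip=10.0.5.12
"""

DEFAULT_ACCOUNTS = {"admin"}            # default admin account name, as in the SIEM query
TRUSTED_ADMIN_NETS = ("10.0.5.",)       # constructed: networks admin work is expected from
ADMIN_EVENTS = {"file_upload", "config_change"}  # constructed event names for admin actions
FAIL_THRESHOLD = 3                      # failures before a success counts as brute force
WINDOW = timedelta(minutes=5)           # how far back failures are correlated


def parse_line(line):
    """Parse one constructed log line into a dict with a datetime under 'ts'."""
    ts, *pairs = line.split()
    rec = {"ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")}
    for item in pairs:
        key, _, value = item.partition("=")
        rec[key] = value
    return rec


def detect(log_text):
    """Return a list of alert dicts for the indicators described in the advisory."""
    alerts = []
    failures = defaultdict(list)  # (user, src_ip) -> timestamps of recent login failures
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        key = (rec["user"], rec["src_ip"])
        event = rec["event"]

        if event == "login_failure":
            failures[key].append(rec["ts"])

        elif event == "login_success":
            recent = [t for t in failures[key] if rec["ts"] - t <= WINDOW]
            if rec["user"] in DEFAULT_ACCOUNTS:
                # Any success on the default account is notable; a preceding burst of
                # failures makes it the brute-force-then-success pattern.
                rule = ("default_account_login_after_failures"
                        if len(recent) >= FAIL_THRESHOLD else "default_account_login")
                alerts.append({"rule": rule, "user": rec["user"], "src_ip": rec["src_ip"],
                               "event": event, "prior_failures": len(recent)})
            failures[key].clear()

        elif event in ADMIN_EVENTS and not rec["src_ip"].startswith(TRUSTED_ADMIN_NETS):
            # Administrative action from an address outside the expected networks.
            alerts.append({"rule": "admin_action_unexpected_ip", "user": rec["user"],
                           "src_ip": rec["src_ip"], "event": event, "prior_failures": 0})
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOGS):
        print(alert)
```

On the constructed sample, the detector raises two alerts: the `admin` login at 09:00:09 preceded by three failures within the window, and the `file_upload` by `admin` from 198.51.100.7, which is outside the trusted range. The `qa_lead` activity from the trusted network produces nothing, which is the intended baseline.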
