CVE-2025-34140 Information
Jul 23, 2025
cve
Description
An authorization bypass vulnerability exists in ETQ Reliance (legacy CG and NXG SaaS platforms). By appending a specific URI suffix to certain API endpoints an unauthenticated attacker can bypass access control checks and retrieve limited sensitive resources. The root cause was a misconfiguration in API authorization logic which has since been corrected in SE.2025.1 and 2025.1.2.
Reference
https://www.etq.com/blog/etq-reliance-security-update/ https://www.etq.com/product-overview/
Related CNNVD
CNNVD-202508-1492 (Published: 2025-08-14)
Share on: