VYPR
Vendor

ETQ

Products
2
CVEs
4
Across products
5
Status
Private

Products

2

Recent CVEs

4
  • CVE-2025-34143CriJul 22, 2025
    risk 0.63cvss epss 0.30

    An authentication bypass vulnerability exists in ETQ Reliance on the CG (legacy) platform. The application allowed login as the privileged internal SYSTEM user by manipulating the username field. The SYSTEM account does not require a password, enabling attackers with network…

  • CVE-2025-34140HigJul 22, 2025
    risk 0.57cvss epss 0.01

    An authorization bypass vulnerability exists in ETQ Reliance (legacy CG and NXG SaaS platforms). By appending a specific URI suffix to certain API endpoints, an unauthenticated attacker can bypass access control checks and retrieve limited sensitive resources. The root cause was…

  • CVE-2025-34142MedJul 22, 2025
    risk 0.45cvss epss 0.01

    An XML External Entity (XXE) injection vulnerability exists in ETQ Reliance on the CG (legacy) platform within the `/resources/sessions/sso` endpoint. The SAML authentication handler processes XML input without disabling external entity resolution, allowing crafted SAML…

  • CVE-2025-34141MedJul 22, 2025
    risk 0.33cvss epss 0.02

    A reflected cross-site scripting (XSS) vulnerability exists in ETQ Reliance CG (legacy) platform within the `SQLConverterServlet` component. This vulnerability requires user interaction, such as clicking a crafted link, and may result in execution of unauthorized scripts in the…