{"id":66737,"date":"2025-07-22T19:32:02","date_gmt":"2025-07-22T16:02:02","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-34143-an-authentication-bypass-vulnerability-exists-in-e\/"},"modified":"2025-07-22T19:32:02","modified_gmt":"2025-07-22T16:02:02","slug":"cve-2025-34143-an-authentication-bypass-vulnerability-exists-in-e","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-34143-an-authentication-bypass-vulnerability-exists-in-e\/","title":{"rendered":"CVE-2025-34143 &#8211; An authentication bypass vulnerability exists in E"},"content":{"rendered":"<p><strong>CVE ID : <\/strong>CVE-2025-34143<br \/>\n<br \/>\n<strong>Published : <\/strong> July 22, 2025, 1:15 p.m. | 1\u00a0hour, 44\u00a0minutes ago<br \/>\n<br \/>\n<strong>Description : <\/strong>An authentication bypass vulnerability exists in ETQ Reliance on the CG (legacy) platform. The application allowed login as the privileged internal SYSTEM user by manipulating the username field. The SYSTEM account does not require a password, enabling attackers with network access to the login page to obtain elevated access. Once authenticated, an attacker could achieve remote code execution by modifying Jython scripts within the application. This issue was resolved by introducing stricter validation logic to exclude internal accounts from public authentication workflows in version MP-4583.<br \/>\n<br \/>\n<strong>Severity:<\/strong> 0.0 | NA<br \/>\n<br \/>\nVisit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-34143 Published : July 22, 2025, 1:15 p.m. | 1\u00a0hour, 44\u00a0minutes ago Description : An authentication bypass vulnerability exists in ETQ Reliance on the CG (legacy) platform. The application allowed login as the privileged internal SYSTEM user by manipulating the username field. The SYSTEM account does not require a password, enabling attackers &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-66737","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/66737","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=66737"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/66737\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=66737"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=66737"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=66737"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}