PT-2025-41784 · Akin Software Computer Import Export Industry Trade Co. · Qrmenu
Berat Arslan
·
Published
2025-10-13
·
Updated
2025-10-16
·
CVE-2025-9902
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
QRMenu versions 1.05.12 through versions prior to 05.09.2025
Description
An authorization bypass issue exists in QRMenu, a component of AKIN Software Computer Import Export Industry and Trade Co. Ltd. This flaw allows attackers to bypass authorization controls, potentially gaining access to privileged functionalities or data without proper authentication. The issue is due to a user-controlled key.
Recommendations
Update QRMenu to a version dated 05.09.2025 or later.
Fix
IDOR
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Qrmenu