CVE-2025-34141
published 2025-07-22CVE-2025-34141: A reflected cross-site scripting (XSS) vulnerability exists in ETQ Reliance CG (legacy) platform within the `SQLConverterServlet` component. This vulnerability…
PriorityP277medium5.1CVSS 4.0
AVNACLATNPRNUIAVCNVINVANSCLSILSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
ITWEXPLOITVulnCheck KEV
Exploited in the wild
EPSS
1.89%
77.0th percentile
A reflected cross-site scripting (XSS) vulnerability exists in ETQ Reliance CG (legacy) platform within the `SQLConverterServlet` component. This vulnerability requires user interaction, such as clicking a crafted link, and may result in execution of unauthorized scripts in the user's context. The affected servlet was unnecessarily exposed to authenticated users and has since been disabled in version SE.2025.1.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| etq | reliance_cg | < SE.2025.1 | SE.2025.1 |
| msrc | cbl2_numpy_1.16.6-3_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| msrc | cm1_numpy_1.16.6-2_on_cbl_mariner_1.0 | — | — |
Detection & IOCsextracted from sources · hover to see the quote
url/reliance/SQLConverterServlet?MySQLStm=%3C/textarea%3E%3Cimg%20src=x%20onerror=alert(document.domain)%3E↗
yara↗
shodan-query: 'html:"ETQ Reliance"'
- →Detect exploitation attempts by matching HTTP requests to the SQLConverterServlet path with the MySQLStm parameter containing XSS payloads (e.g., URL-encoded HTML tags or event handlers). ↗
- →Confirm vulnerable instances by checking HTTP response body for the string 'You have to start the ENGINE application before using this form.' alongside the reflected XSS payload. ↗
- →Use Shodan or FOFA to identify exposed ETQ Reliance instances as potential targets: search for html:"ETQ Reliance" or body="ETQ Reliance". ↗
- →The vulnerability is in the legacy CG platform's SQLConverterServlet component; monitor for any HTTP GET requests targeting this servlet path on ETQ Reliance deployments. ↗
- ·The vulnerability requires user interaction (authenticated user clicking a crafted link); exploitation is not fully unauthenticated/automated. ↗
- ·The SQLConverterServlet has been disabled in version SE.2025.1; patched instances will not respond to the exploit path, so detections should focus on unpatched (pre-SE.2025.1) deployments. ↗
- ·The Nuclei template uses a two-step flow: first resolving the base path via a redirect, then constructing the SQLConverterServlet URL dynamically; static path-based detections may need to account for non-default base paths. ↗
CVSS provenance
nvdv4.05.1MEDIUMCVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vulncheck5.1MEDIUM
vendor_msrc5.3MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-wffg-jjj6-c47h: A reflected cross-site scripting (XSS) vulnerability exists in ETQ Reliance CG (legacy) platform within the `SQLConverterServlet` component
ghsa_unreviewed·2025-07-22
CVE-2025-34141 [MEDIUM] CWE-79 GHSA-wffg-jjj6-c47h: A reflected cross-site scripting (XSS) vulnerability exists in ETQ Reliance CG (legacy) platform within the `SQLConverterServlet` component
A reflected cross-site scripting (XSS) vulnerability exists in ETQ Reliance CG (legacy) platform within the `SQLConverterServlet` component. This vulnerability requires user interaction, such as clicking a crafted link, and may result in execution of unauthorized scripts in the user's context. The affected servlet was unnecessarily exposed to authenticated users and has since been disabled in version SE.2025.1.
VulnCheck
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
vulncheck·2025·CVSS 5.1
CVE-2025-34141 [MEDIUM] Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
A reflected cross-site scripting (XSS) vulnerability exists in ETQ Reliance CG (legacy) platform within the `SQLConverterServlet` component. This vulnerability requires user interaction, such as clicking a crafted link, and may result in execution of unauthorized scripts in the user's context. The affected servlet was unnecessarily exposed to authenticated users and has since been disabled in version SE.2025.1.
Affected: ETQ ETQ Reliance
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://app.crowdsec.net/cti/cve-explorer/CVE-2025-34141
Microsoft
An incomplete string comparison in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects. NOTE: the vendor stat
vendor_msrc·2021-12-14·CVSS 5.3
CVE-2021-34141 [MEDIUM] CWE-697 An incomplete string comparison in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects. NOTE: the vendor stat
An incomplete string comparison in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects. NOTE: the vendor states that this reported code behavior is "completely harmless."
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If im
No detection rules found.
Nuclei
ETQ Reliance - Reflected XSS via SQLConverterServlet
nuclei·CVSS 5.1
CVE-2025-34141 [MEDIUM] ETQ Reliance - Reflected XSS via SQLConverterServlet
ETQ Reliance - Reflected XSS via SQLConverterServlet
A reflected cross-site scripting (XSS) vulnerability exists in ETQ Reliance CG (legacy) platform within the SQLConverterServlet component. This vulnerability requires user interaction, such as clicking a crafted link, and may result in execution of unauthorized scripts in the user's context. The affected servlet was unnecessarily exposed to authenticated users and has since been disabled in version SE.2025.1.
Template:
id: CVE-2025-34141
info:
name: ETQ Reliance - Reflected XSS via SQLConverterServlet
author: slcyber,pdresearch
severity: medium
description: |
A reflected cross-site scripting (XSS) vulnerability exists in ETQ Reliance CG (legacy) platform within the SQLConverterServlet component. This vulnerability requires user inter
No writeups or analysis indexed.
https://slcyber.io/assetnote-security-research-center/how-we-accidentally-discovered-a-remote-code-execution-vulnerability-in-etq-reliance/https://www.etq.com/blog/etq-reliance-security-update/https://www.etq.com/product-overview/https://www.vulncheck.com/advisories/etq-reliance-cg-reflected-xss-in-sqlconverterservlet
2025-07-22
Published
Exploited in the wild