PatchSiren cyber security CVE debrief

CVE-2025-7015 Akın Software Computer Import Export Industry and Trade Ltd. CVE debrief

A session fixation vulnerability was discovered in Akın Software Computer Import Export Industry and Trade Ltd. QR Menu before version s1.05.12. The issue is tracked as CVE-2025-7015, has a CVSS score of 5.7, and is classified as MEDIUM severity. In a session fixation attack, an attacker fixes the session ID in a user's browser, which can lead to unauthorized access to that user's session.

Vendor: Akın Software Computer Import Export Industry and Trade Ltd.
Product: QR Menu
CVSS: MEDIUM 5.7
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-01-29
Original CVE updated: 2026-06-05
Advisory published: 2026-01-29
Advisory updated: 2026-06-05

Who should care

Administrators and users of Akın Software Computer Import Export Industry and Trade Ltd. QR Menu before version s1.05.12 should apply the necessary updates to mitigate this vulnerability.

Technical summary

The CVE-2025-7015 vulnerability affects QR Menu by Akın Software, specifically versions before s1.05.12. It is categorized under CWE-384, which pertains to Session Fixation vulnerabilities. The CVSS vector for this vulnerability is CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N, indicating that the attack vector is Network, Attack Complexity is Low, Privileges Required is Low, User Interaction is Required, Scope is Unchanged, Confidentiality impact is High, Integrity impact is None, and Availability impact is None.

Defensive priority

MEDIUM

Recommended defensive actions

  • Update QR Menu to version s1.05.12 or later.
  • Review and monitor user sessions for any suspicious activity.
  • Implement additional security measures to protect against session fixation attacks.
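
The usual server-side control against CWE-384 is to issue a new session ID at login and invalidate the one the browser presented. The sketch below is an added example, not code from QR Menu or from the advisory; the `SessionStore` class and its method names are hypothetical, and it contrasts a login that keeps the pre-authentication ID with one that replaces it.

```python
import secrets


class SessionStore:
    """In-memory server-side session store (constructed for this example)."""

    def __init__(self):
        self._sessions = {}

    def create(self):
        # Anonymous, pre-authentication session with a server-generated ID.
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = {"user": None}
        return sid

    def get(self, sid):
        return self._sessions.get(sid)

    def login_vulnerable(self, presented_sid, user):
        # CWE-384 pattern: the ID the client presented is accepted as-is
        # and stays valid after authentication.
        self._sessions.setdefault(presented_sid, {"user": None})["user"] = user
        return presented_sid

    def login_hardened(self, presented_sid, user):
        # Invalidate whatever ID the client presented and bind the
        # authenticated user to a fresh, server-generated ID.
        self._sessions.pop(presented_sid, None)
        new_sid = secrets.token_urlsafe(32)
        self._sessions[new_sid] = {"user": user}
        return new_sid


def pre_login_id_is_authenticated(login):
    """Regression check: does an ID that existed before login map to an
    authenticated session afterwards? True means the login is fixable."""
    store = SessionStore()
    pre_auth_sid = store.create()
    login(store, pre_auth_sid, "alice")  # "alice" is a constructed user name
    session = store.get(pre_auth_sid)
    return session is not None and session["user"] == "alice"


if __name__ == "__main__":
    print("vulnerable:", pre_login_id_is_authenticated(SessionStore.login_vulnerable))
    print("hardened:  ", pre_login_id_is_authenticated(SessionStore.login_hardened))
```

The same check works as a regression test against a real application: record the session cookie before login, authenticate, and confirm the old value no longer resolves to an authenticated session.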

Evidence notes

Evidence for this CVE comes from the National Vulnerability Database (NVD) and other official sources.

Official resources

CVE-2025-7015 was published on 2026-01-29T12:16:30.057Z and modified on 2026-06-05T15:16:43.623Z.