CVE-2025-34143
ETQ Reliance CG Authentication Bypass via Trailing Space RCE
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
An authentication bypass vulnerability exists in ETQ Reliance on the CG (legacy) platform. The application allowed login as the privileged internal SYSTEM user by manipulating the username field. The SYSTEM account does not require a password, enabling attackers with network access to the login page to obtain elevated access. Once authenticated, an attacker could achieve remote code execution by modifying Jython scripts within the application. This issue was resolved by introducing stricter validation logic to exclude internal accounts from public authentication workflows in version MP-4583.
| CWE | CWE-288 CWE-269 CWE-78 |
| Vendor | etq |
| Product | reliance cg (legacy) |
| Published | Jul 22, 2025 |
| Last Updated | May 15, 2026 |
Stay Ahead of the Next One
Get instant alerts for etq reliance cg (legacy)
Be the first to know when new unknown vulnerabilities affecting etq reliance cg (legacy) are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
ETQ / Reliance CG (legacy)
0 < MP-4583
References
etq.com: https://www.etq.com/product-overview/ etq.com: https://www.etq.com/blog/etq-reliance-security-update/ slcyber.io: https://slcyber.io/assetnote-security-research-center/how-we-accidentally-discovered-a-remote-code-execution-vulnerability-in-etq-reliance/ vulncheck.com: https://www.vulncheck.com/advisories/etq-reliance-cg-authentication-bypass-via-trailing-space-rce
Credits
Adam Kues and Shubham Shah of Assetnote