Carregando...
Qualitor - Software para Atender Melhor - Help Desk, Service Desk, Shared Services, Ouvidoria
Qualitor - Software para Atender Melhor - Help Desk, Service Desk, Shared Services, Ouvidoria

Official Security Advisory – CVE-2025-5139

Comunicado-Institucional-01

Official Security Advisory – CVE-2025-5139

Publication Date: May 25, 2025

CVE Identifier: CVE-2025-5139

Affected Product(s): Qualitor – Versions 8.20 and 8.24

Qualitor Software is committed to maintaining the security and integrity of our solutions. In line with our transparency policy and dedication to customer support, we are issuing this advisory regarding a recently identified vulnerability in our platform.

Summary of the Vulnerability

A command injection vulnerability was discovered in the following file:

/html/ad/adconexaooffice365/request/testaConexaoOffice365.php

This issue could allow an attacker to manipulate the nmconexao parameter using malicious input. If exploited, this may lead to unauthorized command execution on the server.
The vulnerability primarily affects environments where Office 365-type connections are configured, as it is triggered during the API-based account connection validation process.

Resolution and Fix

Upon identifying the vulnerability, our security team promptly developed, tested, and released a patch to eliminate the associated risks.

The issue has been resolved in the following versions:

8.20.56

8.24.31

The update is available through our official support channels.

We strongly recommend that all customers update to these versions or later as soon as possible to ensure continued security.

Actions Taken

Investigation and Mitigation: We analyzed the issue and applied the necessary fix to remove the vulnerability.

Quality Assurance: Extensive testing was conducted to confirm that the fix did not impact system stability or performance.

Customer Notification: We proactively informed customers and provided guidance on how to apply the patch.

Recommendations for Customers

Verify your current version – Ensure your installation is running version 8.20.56, 8.24.31, or higher.

Apply the security update – Follow the instructions provided through our official support channels.

Reach out if needed – For questions or assistance, please contact our technical support team.

Our Commitment to Security

At Qualitor Software, we take product security very seriously. We continuously monitor, assess, and improve our systems to protect our customers. We are committed to timely vulnerability management and to maintaining a secure application environment for all users.

Contact Us

For further information or technical support, please contact us:

Email:suporte@qualitor.com.br

Support Portal:https://qualitor.qualitorsoftware.com/qualitor/LoginUsuario.php

Qualitor informa: usamos cookies para personalizar anúncios e melhorar a sua experiência no site. Ao continuar navegando, você concorda com a nossa Política de Privacidade.

continuar e fechar