Vulnerability Details CVE-2025-1100
A CWE-259 "Use of Hard-coded Password" for the root account in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to execute arbitrary code with root privileges via SSH.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.018
EPSS Ranking 83.1%
CVSS Severity
CVSS v3 Score 9.8