External risk intelligence

Akınsoft QR Menu Session Fixation Vulnerability.

CVE advisory

Severity: CRITICAL (CVSS 9.8)

CVE-2025-7015

A session fixation vulnerability in Akın Software's QR Menu allows an attacker to hijack user sessions if the application is network-accessible. This could lead to unauthorized access to session data and potential account takeover. This issue affects QR Menu versions prior to s1.05.12.

Halo Surface Signal score: 4

Affected product: Akinsoft QR Menu

Affected versions: before s1.05.12

External exposure likelihood

Halo Surface Signal score for CVE-2025-7015

The product is a QR Menu application, which is designed to be accessed by customers via scanning QR codes in public environments. Such applications are typically deployed as internet-facing web services to allow users to view menus and place orders, making them commonly reachable from the public internet.

PCI scan relevance

PCI Relevance for CVE-2025-7015

Yes

CVE-2025-7015 — Halo PCI Relevance: Yes. Under typical PCI ASV external scan criteria, this issue may be flagged for scan prioritization.

Session fixation allows unauthorized access to authenticated sessions, and at the published severity this issue sits well above the CVSS 4.0 threshold ASVs use, so an unpatched, internet-facing instance is likely to cause a PCI scan failure.

Scan-prioritization guidance only—not a PCI DSS certification or ASV attestation.

Horizon Alert

Summary of the vulnerability and why it matters

A session fixation vulnerability has been identified in Akın Software's QR Menu application, potentially allowing an attacker to take control of user sessions. This critical issue affects QR Menu versions prior to s1.05.12. The immediate question is whether this application is in use within your environment and to what extent it is exposed.

  • Fixes a vulnerability allowing session hijacking.
  • Important if customer-facing menus are deployed.
  • Confirm relevance and exposure of QR Menu.

Attack Path

How an attacker could exploit the issue

An attacker can carry out a session fixation attack against Akın Software's QR Menu because the application keeps the same session identifier across authentication instead of issuing a new one. The attacker first obtains or chooses a session identifier the server will accept, then gets the victim's browser to present that identifier before the victim logs in. Once the victim authenticates, the identifier the attacker already knows is bound to the victim's account, and the attacker can use it to act as the victim. The advisory does not specify how the identifier is delivered to the victim; the precondition is simply that the application is reachable over the network.

  • Attacker can reach the application over the network.
  • Attacker plants a known session identifier in the victim's browser; the application keeps it through login.
  • Risk of full account takeover once the victim authenticates.
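The attack path above, and the FAQ's description of the weakness below, come down to one server-side decision: whether the session identifier issued before login survives authentication. The following is an added example, not code from Akın Software or from the QR Menu product (whose source is not public); it models a generic cookie-backed session store with a fixation-prone login handler beside a hardened one, and replays the attacker/victim sequence against each. Names such as SessionStore, login_vulnerable and login_fixed, and the "victim" account, are constructed for illustration; the delivery of the fixed identifier to the victim is left as a single call because the advisory does not specify the channel.

```python
import secrets


class SessionStore:
    """Constructed server-side session table: session id -> {"user": name or None}."""

    def __init__(self):
        self.sessions = {}

    def open(self, client_sid=None):
        """Return the session named by the client's cookie, creating it if unknown.

        Honouring an unknown client-supplied id is what lets an attacker mint an id,
        have the server accept it, and hand that same id to a victim.
        """
        if client_sid is None:
            client_sid = secrets.token_urlsafe(24)
        self.sessions.setdefault(client_sid, {"user": None})
        return client_sid

    def whoami(self, sid):
        """User bound to a session id, or None if the id is unknown or anonymous."""
        session = self.sessions.get(sid)
        return session["user"] if session else None


def login_vulnerable(store, sid, username):
    """Fixation-prone: authenticates the user but keeps the pre-login session id."""
    store.sessions[sid]["user"] = username
    return sid  # the id the attacker already knows is now an authenticated session


def login_fixed(store, sid, username):
    """Hardened: rotates the id at authentication and invalidates the old one server-side.

    Pre-login state (for a menu app, typically a cart) is carried over so the fix
    costs the user nothing. The new id must be sent back as a Set-Cookie with
    HttpOnly, Secure and SameSite attributes (assumption: standard cookie hygiene).
    """
    old_session = store.sessions.pop(sid, None)  # the attacker-known id no longer resolves
    new_session = dict(old_session or {})
    new_session["user"] = username
    new_sid = secrets.token_urlsafe(24)
    store.sessions[new_sid] = new_session
    return new_sid


def run_fixation_attack(login):
    """Replay the attack against a login handler.

    Returns (hijacked, rotated): whether the attacker's fixed id now maps to the
    victim, and whether the id presented after login differs from the fixed one.
    """
    store = SessionStore()
    # 1. Attacker obtains a valid, anonymous session id from the server.
    attacker_sid = store.open()
    # 2. Victim's browser presents that id (assumed delivery: crafted link or similar;
    #    the advisory does not say). The server accepts it as the victim's session.
    victim_sid = store.open(attacker_sid)
    # 3. Victim authenticates while holding the attacker-chosen id.
    post_login_sid = login(store, victim_sid, "victim")
    # 4. Attacker replays the id they fixed.
    hijacked = store.whoami(attacker_sid) == "victim"
    rotated = post_login_sid != attacker_sid
    return hijacked, rotated


if __name__ == "__main__":
    print("vulnerable handler (hijacked, rotated):", run_fixation_attack(login_vulnerable))
    print("fixed handler     (hijacked, rotated):", run_fixation_attack(login_fixed))
```

Rotating the identifier alone is not sufficient if the old id keeps resolving; the hardened handler both issues a fresh id and removes the old record, so step 4 fails with an unknown session rather than a stale-but-valid one.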

Live Threat

Current exploitation, exposure, and threat context

This vulnerability could allow an attacker to take over a user's authenticated session with the QR Menu application. If successful, the attacker could access or modify whatever that session is permitted to see or change. The precondition is that the application is reachable over a network and that it does not issue a fresh session identifier at login. No public exploitation details are given in the advisory.

  • Asset at risk: authenticated user sessions and the data tied to them.
  • Vector: session hijacking over the network.
  • Impact: unauthorized access to menu and session data, up to account takeover.

Priority actions

Operational Fix

Recommended remediation, mitigation, and detection steps

This session fixation vulnerability in QR Menu likely impacts application owners responsible for the web service and potentially infrastructure teams managing its hosting environment. The first practical step is to identify all instances of the QR Menu application, confirm its accessibility and business criticality, and then assign an owner to initiate remediation planning.

  • Assign QR Menu application owners.
  • Verify internet-facing instances and their current version.
  • Upgrade affected instances to s1.05.12 or later, coordinating with the vendor where hosting or customization requires it.
  • Until upgraded, confirm that session cookies carry HttpOnly, Secure and SameSite attributes and that sessions are invalidated at logout; these reduce exposure but do not remove the underlying fixation weakness.
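Before and after remediation, the check an application owner wants is whether a login response actually issues a new session cookie. The following is an added example, not a tool from the advisory or from Akın Software: it takes the session cookie value observed before login and the Set-Cookie header values from the login response, and reports whether the identifier was rotated and which protective attributes the new cookie carries. The cookie name SESSIONID and the sample header values are constructed; a real deployment's cookie name must be read from its own responses, and the check should only be run against instances you are authorized to test.

```python
from http.cookies import SimpleCookie


def check_login_response(cookie_name, pre_login_sid, set_cookie_headers):
    """Assess a login response for session rotation and cookie attributes.

    cookie_name:        name of the session cookie (assumed; take it from the deployment)
    pre_login_sid:      value of that cookie as sent by the browser before login
    set_cookie_headers: list of Set-Cookie header values from the login response
    Returns a dict with 'rotated' plus the HttpOnly/Secure/SameSite state of the
    re-issued cookie (None when no session cookie was issued at all).
    """
    jar = SimpleCookie()
    for header_value in set_cookie_headers:
        jar.load(header_value)  # each load adds the cookies from one header
    morsel = jar.get(cookie_name)
    if morsel is None:
        # Login response did not touch the session cookie: the pre-login id stays
        # in force, which is exactly the fixation-prone behaviour.
        return {"rotated": False, "httponly": None, "secure": None, "samesite": None}
    return {
        "rotated": morsel.value != pre_login_sid,
        "httponly": bool(morsel["httponly"]),
        "secure": bool(morsel["secure"]),
        "samesite": morsel["samesite"] or None,
    }


def verdict(result):
    """Turn the check into a one-line finding for a scan or ticket."""
    if not result["rotated"]:
        return "FAIL: session identifier not rotated at login (session fixation pattern)"
    missing = [flag for flag in ("httponly", "secure") if not result[flag]]
    if missing or result["samesite"] is None:
        return "WARN: rotated, but cookie lacks " + ", ".join(missing + ([] if result["samesite"] else ["SameSite"]))
    return "PASS: session identifier rotated with protective attributes"


# Constructed sample responses (not captured from any real QR Menu instance).
PRE_LOGIN_SID = "a1b2c3d4e5f6"
NO_REISSUE = ["theme=dark; Path=/"]                                   # session cookie untouched
SAME_VALUE = ["SESSIONID=a1b2c3d4e5f6; Path=/"]                        # re-sent, not rotated
ROTATED_BARE = ["SESSIONID=9f8e7d6c5b4a; Path=/"]                      # rotated, no attributes
ROTATED_GOOD = ["SESSIONID=9f8e7d6c5b4a; Path=/; HttpOnly; Secure; SameSite=Lax"]

if __name__ == "__main__":
    for label, headers in (("no re-issue", NO_REISSUE), ("same value", SAME_VALUE),
                           ("rotated, bare", ROTATED_BARE), ("rotated, flagged", ROTATED_GOOD)):
        print(f"{label:18} -> {verdict(check_login_response('SESSIONID', PRE_LOGIN_SID, headers))}")
```

The headers would normally come from an HTTP client after posting valid test credentials; only the parsing and decision logic are shown here so the check runs offline against the constructed samples.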

Frequently asked questions

What is Akın Software QR Menu?

Akın Software QR Menu is an application used for displaying menus via QR codes, often in restaurant or retail settings, allowing customers to view options and potentially place orders.

What kind of weakness does CVE-2025-7015 represent?

CVE-2025-7015 is a Session Fixation vulnerability. This means an attacker can trick a user into using a session identifier that the attacker already knows, potentially allowing the attacker to hijack the user's session after they log in.

How can an attacker exploit this QR Menu vulnerability?

An attacker can exploit this by getting the user's browser to present a session identifier the attacker already knows before the user logs in. Because the application keeps that identifier across authentication instead of issuing a new one, the attacker can then use it to take over the user's authenticated session. The only precondition is that the application is reachable over a network.

Who should be concerned about the QR Menu vulnerability?

Organizations using Akın Software QR Menu, especially those with internet-facing instances of the application, should be concerned. This technology is designed for customer access, making it potentially reachable from the public internet.

What is the first step to address this QR Menu issue?

The initial step is to identify all instances of the QR Menu application within your environment, confirm if they are accessible from the internet, and determine their business importance. Following this, an owner should be assigned to begin planning for remediation with the vendor.
