External risk intelligence

SoliClub Authentication Abuse Vulnerability.

CVE advisory

Severity: CRITICAL (CVSS 9.8)

CVE-2025-7358

A critical hard-coded credentials vulnerability in SoliClub allows authentication abuse, potentially enabling unauthorized access to application data and functionalities. This issue could lead to significant compromise if exploited. The vulnerability is reachable over the network.

Halo Surface Signal: 2

Affected: Utarit SoliClub before 5.3.7

External exposure likelihood

Halo Surface Signal score for CVE-2025-7358

The vulnerability affects a mobile application (Android), which typically runs on end-user devices rather than as a public-facing network service. While network-reachable in some contexts, such applications are generally not designed as internet-facing edge gateways or public portals, making widespread internet exposure less common.

PCI scan relevance

PCI Relevance for CVE-2025-7358

Yes

CVE-2025-7358 — Halo PCI Relevance: Yes. Under typical PCI ASV external scan criteria, this issue may be flagged for scan prioritization.

This CVE is PCI scan-relevant because hard-coded credentials can allow authentication abuse, which is a failure class for ASV scans.

Scan-prioritization guidance only—not a PCI DSS certification or ASV attestation.

Horizon Alert

Summary of the vulnerability and why it matters

A critical vulnerability in SoliClub allows unauthorized access due to hard-coded credentials, potentially enabling attackers to abuse authentication mechanisms. This issue could lead to significant compromise if exploited.

  • Hard-coded credentials enable authentication abuse.
  • Critical-severity flaw with broad potential impact.
  • Confirm relevance and exposure for affected systems.

Attack Path

How an attacker could exploit the issue

An attacker could exploit a hard-coded credential vulnerability in the SoliClub application to gain unauthorized access and potentially control user accounts. This could occur if the attacker can interact with the application in a way that leverages these embedded credentials. The vulnerability could lead to significant compromise of data and application functionality.

  • No special access required to reach.
  • Hard-coded credentials used by the app.
  • Full authentication bypass and abuse.

Live Threat

Current exploitation, exposure, and threat context

Hard-coded credentials in SoliClub could allow an unauthenticated attacker to abuse authentication mechanisms. This could lead to unauthorized access to the application's functionalities and data.

  • User account access at risk.
  • Authentication abuse may occur.
  • Unauthorized access to application data.

Priority actions

Operational Fix

Recommended remediation, mitigation, and detection steps

This critical vulnerability in SoliClub, involving hard-coded credentials, presents a significant risk of authentication abuse. Initial response should focus on identifying all deployed instances of SoliClub, assessing their exposure and business criticality, and locating the accountable system owner. Subsequent actions will depend on this initial triage, potentially involving vendor coordination for updates or immediate mitigation planning.

  • Identify SoliClub owners and exposure.
  • Verify reachability and business criticality.
  • Plan remediation based on assessed risk.

Frequently asked questions

What is SoliClub and how is it used?

SoliClub is an application developed by Utarit Informatics Services Inc. that is used on Android devices. While the exact user-facing purpose isn't detailed, its vulnerability suggests it handles user authentication.

What is CVE-2025-7358 in SoliClub?

CVE-2025-7358 is a critical vulnerability in SoliClub, classified as CWE-798. This means it involves the use of hard-coded credentials within the software, allowing for authentication to be abused.

How could an attacker exploit the SoliClub vulnerability?

An attacker could exploit this vulnerability by leveraging the hard-coded credentials embedded within the SoliClub application to bypass normal authentication processes and gain unauthorized access.

Who should be concerned about this SoliClub vulnerability?

Anyone running SoliClub on an Android device should be concerned. Based on its Halo Surface Signal classification, it is unlikely to be internet-facing, suggesting the risk is more contained to users of the application itself, rather than external attackers targeting network services.

What is the first step to respond to this SoliClub security issue?

The initial step is to identify all instances of SoliClub in use, understand how exposed they are, and determine their business importance. This will help in planning the next steps, which might involve waiting for a vendor update or implementing other protective measures.
