安全ID : QSA-25-53
Vulnerability in MARS (Multi-Application Recovery Service)
发布日期 : January 3, 2026
通用漏洞披露 : CVE-2025-59387
受影响产品: MARS (Multi-Application Recovery Service) 1.2.x
严重程度
Important
状态
已解决
Summary
An SQL injection vulnerability has been reported to affect MARS (Multi-Application Recovery Service). If exploited, a remote attacker can execute unauthorized code or commands.
We have already fixed the vulnerability in the following version:
| Affected Product | Fixed Version |
| MARS (Multi-Application Recovery Service) 1.2.x | MARS (Multi-Application Recovery Service) 1.2.1.1686 and later |
Note: Starting from version 1.3.x, the application has been renamed to HDP for Wordpress (MARS).
Recommendation
To fix the vulnerability, we recommend updating MARS (Multi-Application Recovery Service) to the latest version.
Updating MARS (Multi-Application Recovery Service)
- Log on to QTS or QuTS hero as an administrator.
- Open App Center and then click
.
A search box appears. - Type "MARS" and then press ENTER.
The application appears in the search results. - Click Update.
A confirmation message appears.
Note: The Update button is not available if your application is already up to date. - Click OK.
The system updates the application.
附件
致谢: q5ca, greengrass
修订历史:
V1.0 (January 3, 2026) - Published
