# Product: Connection Quality Monitor v1.1
# Vendor: SoftPerfect Pty Ltd
# CVE ID: CVE-2025-45702
# Vulnerability Title: Insufficiently Protected Credentials
# Severity: Medium
# Author(s): Christian Kold Jensen, Karl Ívar Alfredsson Kvaran
# Date: 2025-07-24
#############################################################
Introduction:
Connection Quality Monitor v1.1 was discovered to store credentials in plaintext in the file C:\ProgramData\SoftPerfect\Connection Quality Monitor\Connection Quality Monitor.DB, which is readable to any user, allowing for the compromise of the security of the application.

Vulnerability:
Read the following file "C:\ProgramData\SoftPerfect\Connection Quality Monitor\Connection Quality Monitor.DB" after configuring credentials within the application.

Recommendation:
Ensure credentials are stored in an encrypted format not accessible by standard users.