Researcher now claims NTA re-exam portal 'vulnerable,' could leak data
What's the story
The National Testing Agency's (NTA) re-examination portal has come under scrutiny after a cybersecurity researcher flagged possible vulnerabilities that could expose sensitive administrative and user data. These vulnerabilities include claims that the portal has a "superadmin login bypass by using extremely weak credentials." Dubai-based cybersecurity researcher Rylen Anil made the claims on social media X, alleging that thousands of observers, center coordinators, and examination centers could be affected.
Twitter Post
Check out post here
NTA’s Re-examination portal (https://t.co/yKhDNDCPE1) has a superadmin login bypass by using extremely weak credentials
— Rylen Anil (@DarthKermi72747) May 31, 2026
This exposes bulk user data: ~7.9k observers, 676 CCs, 5.4k CS/centers, including names, emails and phone numbers.@ni5arga pic.twitter.com/n2q4d0Egvw
Data breach
Potential data exposure and unauthorized access risks
He said the alleged vulnerability could expose names, email addresses, and phone numbers. Anil also claimed that unauthorized access to the administrative dashboard could allow actions such as exporting data generating appointment letters, managing observers, uploading templates, and handling administrative mappings. Screenshots shared online appeared to show parts of the portal interface. But the authenticity of these images or the extent of any potential breach has not been confirmed.
Accessibility issue
Portal link shows '404 Not Found' message
Interestingly, users reported that the portal link displayed a "404 Not Found" message around the time these allegations gained traction online. This development comes after recent controversies surrounding CBSE's On-Screen Marking (OSM) system, which faced criticism over scanned answer sheets and evaluation discrepancies. The board has since acknowledged certain weaknesses and engaged cybersecurity professionals from IIT Kanpur and IIT Madras to strengthen its systems.