Coempt EduTeck — a small Hyderabad company — runs the On-Screen Marking system that graded 17.8 lakh CBSE answer sheets. We traced the corporate network behind the vendor, mapped the structural failures in India's exam technology procurement, and documented why this wasn't a one-time accident.
The Chary family has been building education-tech companies since 2000 — 11 interlocking entities across education, healthcare, pharma, and finance. How did a ₹20 crore company capture India's largest exam system?
The CBSE scandal isn't unique. The SSC-Eduquity scam follows an identical playbook: small firms winning government contracts, tender norms rewritten, large players pushed out. Meet India's exam-tech capture pattern.
Complete timeline of security researcher ni5arga's responsible disclosures on the CBSE OSM portal
QA automation code left on GitHub, Selenium test suites against the live portal, server-side source from AP SBTET, and the commit history showing the portal was rewritten mid-exam.
Full endpoint catalogue extracted from the production Angular bundle. Three critical vulnerabilities: sequential answer sheet IDs, password changes without old password, unauthenticated evaluator photos.
SSL certificate transparency logs reveal 30+ educational institutions on the same OnMark platform. A vulnerability in the codebase affects every board simultaneously.