PT-2025-40462 · Teknolojik Center Telecommunication Industry Trade Co. · Netsis Panel

Hüseyin Üzüm

Published

2025-10-03

Updated

2025-10-08

CVE-2025-0616

CVSS v3.1

8.2

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Name of the Vulnerable Software and Affected Versions Teknolojik Center Telecommunication Industry Trade Co. Ltd. B2B - Netsis Panel versions through 20251003

Description An issue exists in Teknolojik Center Telecommunication Industry Trade Co. Ltd. B2B - Netsis Panel related to improper neutralization of special elements used in an SQL command, leading to a SQL Injection condition. This also involves an authorization bypass through user-controlled key. The vulnerability allows for SQL Injection attacks. The vulnerable component is susceptible to exploitation via crafted SQL commands.

Recommendations Update Teknolojik Center Telecommunication Industry Trade Co. Ltd. B2B - Netsis Panel to a version beyond 20251003.

Fix

IDOR

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-639CWE-89

Related Identifiers

CVE-2025-0616

Affected Products

Netsis Panel

CVE-2025-0616

Weakness Enumeration

Related Identifiers

Affected Products

References · 6