Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in SMG Software Information Portal allows Code Injection, Upload a Web Shell to a Web Server, Code Inclusion.This issue affects Information Portal: before 13.06.2025.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.usom.gov.tr/bildirim/tr-25-0174 |
![]() ![]() |
History
Thu, 24 Jul 2025 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 24 Jul 2025 13:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in SMG Software Information Portal allows Code Injection, Upload a Web Shell to a Web Server, Code Inclusion.This issue affects Information Portal: before 13.06.2025. | |
Title | Arbitrary File Upload in SMG Software's Information Portal | |
Weaknesses | CWE-434 CWE-78 |
|
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: TR-CERT
Published: 2025-07-24T12:45:22.450Z
Updated: 2025-07-24T13:36:01.931Z
Reserved: 2025-05-27T07:32:38.832Z
Link: CVE-2025-5243

Updated: 2025-07-24T13:34:53.409Z

Status : Awaiting Analysis
Published: 2025-07-24T13:15:27.140
Modified: 2025-07-25T15:29:19.837
Link: CVE-2025-5243

No data.