CNNVD-202511-2874 Information

CNNVD ID

CNNVD-202511-2874

Related CVE

CVE-2025-65239

• CNNVD Published: 2025-11-26

Description (Chinese)

OpenCode USSD Gateway是OpenCode开源的一个处理和管理USSD消息的网关软件。 OpenCode USSD Gateway存在安全漏洞，该漏洞源于/aux1/ocussd/trace端点访问控制不当，可能导致低权限攻击者读取服务器日志。

Description (English)

OpenCode USSD Gateway is a gateway software for processing and managing USSD messages from OpenCode Open Source. OpenCode USSD Gateway has a security loophole, which stems from/aux1/ocussd/trace endpoint access controls that may lead to low-authorized attackers reading server logs.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Opencode

Published

2025-11-26

Last Modified

2026-02-24

References

https://eslam3kl.gitbook.io https://eslam3kl.gitbook.io/blog/web-application-findings/cve-2025-65239-ussd-gateway-broken-access-control-logs https://github.com/eslam3kl https://access.redhat.com/security/cve/cve-2025-65239