CNNVD-202511-2875 Information

CNNVD ID

CNNVD-202511-2875

Related CVE

CVE-2025-65236

• CNNVD Published: 2025-11-26

Description (Chinese)

OpenCode USSD Gateway是OpenCode开源的一个处理和管理USSD消息的网关软件。 OpenCode USSD Gateway存在安全漏洞，该漏洞源于/occontrolpanel/index.php中Session ID参数存在SQL注入。

Description (English)

OpenCode USSD Gateway is a gateway software for processing and managing USSD messages from OpenCode Open Source. OpenCode USSSD Gateway has a security loophole, which originates from the SQL injection of the Ssession ID parameter in /occontrolpanel/index.php.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Opencode

Published

2025-11-26

Last Modified

2026-02-24

References

https://eslam3kl.gitbook.io/blog/web-application-findings/cve-2025-65236-ussd-gateway-sql-injection-sessions https://github.com/eslam3kl https://access.redhat.com/security/cve/cve-2025-65236