CNNVD-202511-2876 Information

CNNVD ID

CNNVD-202511-2876

Related CVE

CVE-2025-65235

• CNNVD Published: 2025-11-26

Description (Chinese)

OpenCode USSD Gateway是OpenCode开源的一个处理和管理USSD消息的网关软件。 OpenCode USSD Gateway 6.13.11版本存在安全漏洞，该漏洞源于getSubUsersByProvider函数中ID参数存在SQL注入。

Description (English)

OpenCode USSD Gateway is a gateway software for processing and managing USSD messages from OpenCode Open Source. Version 6.13.11 of OpenCode USSD Gateway 6.13.11 contains a security loophole that originates from the SQL injection of the ID parameter in the GetSubUsersByProvider function.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Opencode

Published

2025-11-26

Last Modified

2026-02-24

References

https://eslam3kl.gitbook.io https://eslam3kl.gitbook.io/blog/web-application-findings/cve-2025-65235-ussd-gw-sql-injection-subusers https://github.com/eslam3kl https://access.redhat.com/security/cve/cve-2025-65235