CVE-2025-7636

{"id": "CVE-2025-7636", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "iletisim@usom.gov.tr", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2026-02-10T15:16:05.427", "references": [{"url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0052", "source": "iletisim@usom.gov.tr"}, {"url": "https://www.usom.gov.tr/bildirim/tr-26-0052", "source": "iletisim@usom.gov.tr"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "iletisim@usom.gov.tr", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ergosis Security Systems Computer Industry and Trade Inc. ZEUS PDKS allows SQL Injection.\n\nThis issue affects ZEUS PDKS: from <1.0.5.10 through 10022026.\n\nNOTE: The vendor was contacted early about this disclosure but did not respond in any way."}, {"lang": "es", "value": "Neutralizaci\u00f3n Incorrecta de Elementos Especiales utilizados en un Comando SQL ('Inyecci\u00f3n SQL') vulnerabilidad en Ergosis Security Systems Computer Industry and Trade Inc. ZEUS PDKS permite la inyecci\u00f3n SQL. Este problema afecta a ZEUS PDKS: desde &lt;1.0.5.10 hasta 10022026.\n\nNOTA: Se contact\u00f3 al proveedor con antelaci\u00f3n sobre esta divulgaci\u00f3n pero no respondi\u00f3 de ninguna manera."}], "lastModified": "2026-06-05T15:16:46.130", "sourceIdentifier": "iletisim@usom.gov.tr"}