CVE-2025-65235
CRITICAL
9.8
Our Analysis: Embedded
Our model has classified this vulnerability as relevant to Embedded Systems, helping your team prioritize efforts effectively.
Published Date
November 26, 2025
Last Modified
January 2, 2026
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Description
OpenCode Systems USSD Gateway OC Release: 5 Version 6.13.11 was discovered to contain a SQL injection vulnerability via the ID parameter in the getSubUsersByProvider function.