CVE-2025-0645

Published: Nov 20, 2025Modified: Jun 6, 2026Deferred

7.2

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.2 / Impact: 5.9

Source: iletisim@usom.gov.tr (Secondary)

Description

Unrestricted Upload of File with Dangerous Type vulnerability in Narkom Communication and Software Technologies Trade Ltd. Co. Pyxis Signage allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Pyxis Signage: through 31012025.

Related CWEs

CWE-434

Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

References (2)

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0404

Source: iletisim@usom.gov.tr

https://www.usom.gov.tr/bildirim/tr-25-0404

Source: iletisim@usom.gov.tr

Timeline

No history available yet.