CVE-2025-11242 - Vulnerability Details - OpenCVE

Server-Side Request Forgery (SSRF) vulnerability in Teknolist Computer Systems Software Publishing Industry and Trade Inc. Okulistik allows Server Side Request Forgery.This issue affects Okulistik: through 21102025.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

No data.

References

Link	Providers
https://www.usom.gov.tr/bildirim/tr-26-0048

History

Tue, 10 Feb 2026 09:15:00 +0000

Type	Values Removed	Values Added
Description		Server-Side Request Forgery (SSRF) vulnerability in Teknolist Computer Systems Software Publishing Industry and Trade Inc. Okulistik allows Server Side Request Forgery.This issue affects Okulistik: through 21102025.
Title		SSRF in Teknolist Computer's Okulistik
Weaknesses		CWE-918
References		https://www.usom.gov.tr/bildirim/tr-26-0048
Metrics		cvssV3_1 `{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}`

MITRE

Status: PUBLISHED

Assigner: TR-CERT

Published: 2026-02-10T08:36:22.973Z

Updated: 2026-02-10T08:36:22.973Z

Reserved: 2025-10-02T13:55:27.124Z

Link: CVE-2025-11242

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-02-10T09:16:09.200

Modified: 2026-02-10T09:16:09.200

Link: CVE-2025-11242

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-11242", "assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21", "state": "PUBLISHED", "assignerShortName": "TR-CERT", "dateReserved": "2025-10-02T13:55:27.124Z", "datePublished": "2026-02-10T08:36:22.973Z", "dateUpdated": "2026-02-10T08:36:22.973Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Okulistik", "vendor": "Teknolist Computer Systems Software Publishing Industry and Trade Inc.", "versions": [{"lessThanOrEqual": "21102025", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Berat ARSLAN"}], "datePublic": "2026-02-10T08:30:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Server-Side Request Forgery (SSRF) vulnerability in Teknolist Computer Systems Software Publishing Industry and Trade Inc. Okulistik allows Server Side Request Forgery.<p>This issue affects Okulistik: through 21102025.</p>"}], "value": "Server-Side Request Forgery (SSRF) vulnerability in Teknolist Computer Systems Software Publishing Industry and Trade Inc. Okulistik allows Server Side Request Forgery.This issue affects Okulistik: through 21102025."}], "impacts": [{"capecId": "CAPEC-664", "descriptions": [{"lang": "en", "value": "CAPEC-664 Server Side Request Forgery"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-918", "description": "CWE-918 Server-Side Request Forgery (SSRF)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21", "shortName": "TR-CERT", "dateUpdated": "2026-02-10T08:36:22.973Z"}, "references": [{"tags": ["third-party-advisory"], "url": "https://www.usom.gov.tr/bildirim/tr-26-0048"}], "source": {"advisory": "CVE-2025-11242", "defect": ["CVE-2025-11242"], "discovery": "UNKNOWN"}, "tags": ["exclusively-hosted-service"], "title": "SSRF in Teknolist Computer's Okulistik", "x_generator": {"engine": "Vulnogram 0.5.0"}}}}