CVE-2025-9846

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0410%

EPSS Percentile7.32th

Published2025年9月23日

Last Modified2026年6月5日

Vulnerability Description

Unrestricted Upload of File with Dangerous Type vulnerability in TalentSys Consulting Information Technology Industry Inc. Inka.Net allows Command Injection. This issue affects Inka.Net: before 6.7.1.

Affected Platforms (CPE)

No CPE configurations currently published for this record.

References & Advisories

🔗 https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0288

🔗 https://www.usom.gov.tr/bildirim/tr-25-0288

関連する脆弱性情報

CVE-2025-432010.0

Authentication Bypass by Primary Weakness, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Birebirsoft So...

CVE-2025-958810.0

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Iron Mountain Archivin...

CVE-2025-437810.0

Cleartext Transmission of Sensitive Information, Use of Hard-coded Credentials vulnerability in Ataturk University ATA-AOF Mobile ...

CVE-2025-428510.0

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Rolantis Information Technol...