Directory Indexing Vulnerability in Vega Master by VegaGrup Yazılım ve Bilişim Teknolojileri
CVE-2024-12367

8.6HIGH

Key Information:

Vendor: Vegagrup Yazılım Ve Bilişim Teknolojileri A.ş.
Status: Vega Master
Vendor: CVE Published:; 16 September 2025

🔔 Create Vegagrup Yazılım Ve Bilişim Teknolojileri A.ş. Vulnerability Alert

What is CVE-2024-12367?

The Vega Master software from VegaGrup Yazılım ve Bilişim Teknolojileri exposes sensitive system information to unauthorized control through a directory indexing vulnerability. This issue affects multiple versions, specifically from 1.12.35 up to 20250916, potentially allowing attackers to access confidential files and configuration settings, thereby compromising system integrity. As of now, the vendor has not confirmed the resolution of this issue, and users are advised to remain vigilant and protect their systems accordingly.

Affected Version(s)

Vega Master v.1.12.35 <= 20250916

References

https://www.usom.gov.tr/bildirim/tr-25-0249

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 16, 2025
Vulnerability Reserved
Dec 9, 2024

Credit

Yunus ÖRNEK