Path Traversal in Yordam Katalog by Yordam Information Technology
CVE-2025-10438

7.1HIGH

Key Information:

Vendor: Yordam Information Technology Consulting Education And Electrical Systems Industry Trade Inc.
Status: Yordam Katalog
Vendor: CVE Published:; 25 September 2025

🔔 Create Yordam Information Technology Consulting Education And Electrical Systems Industry Trade Inc. Vulnerability Alert

What is CVE-2025-10438?

A path traversal vulnerability exists in Yordam Katalog that could allow an attacker to access sensitive files on the server by manipulating file paths. This issue affects versions prior to 21.7 of Yordam Katalog. Exploiting this vulnerability may enable unauthorized access to critical configuration files, user data, or other sensitive information, posing significant risks to the integrity and confidentiality of the system.

Affected Version(s)

Yordam Katalog 0 < 21.7

References

https://www.usom.gov.tr/bildirim/tr-25-0296

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 25, 2025
Vulnerability Reserved
Sep 14, 2025

Credit

Sarp Dora Yönden

JSON