Path Traversal Vulnerability in Beyaz Computer CityPlus Software
CVE-2025-10468

7.5HIGH

Key Information:

Vendor: Beyaz Computer
Status: Cityplus
Vendor: CVE Published:; 19 September 2025

🔔 Create Beyaz Computer Vulnerability Alert

What is CVE-2025-10468?

The vulnerability identified in Beyaz Computer's CityPlus software allows unauthorized access to sensitive filesystem locations through improper restriction mechanisms. This path traversal issue potentially enables attackers to read or modify files outside the intended directory, thereby compromising system integrity and exposing sensitive data. Users should ensure they are running a patched version of CityPlus to mitigate this risk.

Affected Version(s)

CityPlus 0 < 24.29375

References

https://www.usom.gov.tr/bildirim/tr-25-0279

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 19, 2025
Vulnerability Reserved
Sep 15, 2025

Credit

Abdullah Beyhan