Remote Code Execution Vulnerability in Telenium Online Web Application by Megasys
CVE-2025-8769

9.3CRITICAL

Key Information:

Vendor: Megasys Computer Technologies
Status: Telenium Online Web Application
Vendor: CVE Published:; 24 December 2025

🔔 Create Megasys Computer Technologies Vulnerability Alert

What is CVE-2025-8769?

The Telenium Online Web Application has a vulnerability stemming from a Perl script responsible for loading the login page. This flaw is due to insufficient input validation, which opens a pathway for attackers to execute arbitrary Perl code on the server via specially crafted HTTP requests. Successful exploitation could lead to unauthorized access and the potential takeover of the affected system, emphasizing the necessity for web application security measures.

Affected Version(s)

Telenium Online Web Application 0 <= 8.3

References

https://megasys.com/support/

https://www.cisa.gov/news-events/ics-advisories/icsa-24-2...

https://github.com/cisagov/CSAF/blob/develop/csaf_files/O...

CVSS V4

Score:

9.3

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 24, 2025
Vulnerability Reserved
Aug 8, 2025

Credit

Blake Rash and Bryan Sears reported this vulnerability to CISA.

JSON