CVE-2025-10465
HIGHSensaway <= 09022026 - Unrestricted Upload of File with Dangerous Type
Title source: llmDescription
Unrestricted Upload of File with Dangerous Type vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Sensaway allows Upload a Web Shell to a Web Server. This issue affects Sensaway: through 09022026. NOTE: Because the product was developed using outdated technology, the manufacturer is unable to fix the relevant vulnerabilities. Users of the Sensaway application are advised to contact the manufacturer and review updated products developed with newer technology.
References (2)
Core 2
Core References
Government Resource government-resource
https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0022
Third Party Advisory, US Government Resource government-resource
broken-link
https://www.usom.gov.tr/bildirim/tr-26-0022
Scores
CVSS v3
8.8
EPSS
0.0039
EPSS Percentile
30.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-434
Status
published
Products (1)
Birtech Information Technologies Industry and Trade Ltd. Co./Sensaway
< 09022026
Published
Feb 09, 2026
Tracked Since
Feb 18, 2026