CVE-2025-10465

HIGH

Birtech Sensaway <9.02.2026 - RCE

Title source: llm

Description

Unrestricted Upload of File with Dangerous Type vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Sensaway allows Upload a Web Shell to a Web Server.This issue affects Sensaway: through 09022026. NOTE: Because the product was developed using outdated technology, the manufacturer is unable to fix the relevant vulnerabilities. Users of the Sensaway application are advised to contact the manufacturer and review updated products developed with newer technology.

References (1)

[Third Party Advisory, US Government Resource] https://www.usom.gov.tr/bildirim/tr-26-0022

Scores

CVSS v3 8.8

EPSS 0.0002

EPSS Percentile 5.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-434

Status published

Products (1)

Birtech Information Technologies Industry and Trade Ltd. Co./Sensaway < 09022026

Published Feb 09, 2026

Tracked Since Feb 18, 2026