CVE-2025-0645 | THREATINT

Description

Unrestricted Upload of File with Dangerous Type vulnerability in Narkom Communication and Software Technologies Trade Ltd. Co. Pyxis Signage allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Pyxis Signage: through 31012025.

PUBLISHED Reserved 2025-01-22 | Published 2025-11-20 | Updated 2025-11-20 | Assigner TR-CERT

HIGH: 7.2CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-434 Unrestricted Upload of File with Dangerous Type

Product status

Default status

unaffected

Any version

affected

Credits

Tunahan TEKEOĞLU finder

References

www.usom.gov.tr/bildirim/tr-25-0404

cve.org (CVE-2025-0645)

nvd.nist.gov (CVE-2025-0645)

Download JSON