CVE-2026-1815 | THREATINT

Description

Insufficient session expiration vulnerability in Turkiye Electricity Transmission Corporation (TEİAŞ) Mobile Application allows Session Hijacking. This issue affects Mobile Application: from 1.6.2 before 1.13.

PUBLISHED Reserved 2026-02-03 | Published 2026-05-21 | Updated 2026-05-21 | Assigner TR-CERT

MEDIUM: 5.7CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

Problem types

CWE-613 Insufficient session expiration

Product status

Default status

unaffected

1.6.2 (custom) before 1.13

affected

Credits

Metin ÖGTEM finder

References

siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0286 government-resource

cve.org (CVE-2026-1815)

nvd.nist.gov (CVE-2026-1815)

Download JSON