CVE-2025-11151

8.2 HIGH

📋 TL;DR

This vulnerability in Beyaz Bilgisayar CityPLus software allows unauthorized actors to detect unpublicized web pages, exposing sensitive system information. It affects CityPLus versions before V24.29500.1.0, potentially revealing internal system details to attackers.

💻 Affected Systems

Products:
  • Beyaz Bilgisayar CityPLus
Versions: All versions before V24.29500.1.0
Operating Systems: Unknown - likely Windows-based given vendor context
Default Config Vulnerable: ⚠️ Yes
Notes: Specific configuration requirements unknown, but default installations appear vulnerable based on CVE description.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).


Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers map internal web infrastructure, discover administrative interfaces or sensitive endpoints, and use this information for further attacks like credential theft or system compromise.

🟠 Likely Case

Information disclosure about web server structure, potentially revealing hidden administrative panels, API endpoints, or development/testing environments.

🟢 If Mitigated

Limited exposure of non-critical endpoints with proper network segmentation and access controls in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Information disclosure vulnerabilities typically require minimal technical skill to exploit using standard web scanning tools.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: V24.29500.1.0

Vendor Advisory: https://www.usom.gov.tr/bildirim/tr-25-0351

Restart Required: Yes

Instructions:

  1. Download CityPLus V24.29500.1.0 or later from official vendor sources.
  2. Back up the current configuration and data.
  3. Install the updated version following vendor documentation.
  4. Restart the CityPLus service or system as required.

🔧 Temporary Workarounds

Network Access Restriction

Applies to: all

Restrict network access to CityPLus web interfaces using firewall rules

Web Server Configuration Hardening

Applies to: all

Configure the web server to hide directory listings and restrict access to non-public endpoints

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate CityPLus from untrusted networks
  • Deploy web application firewall (WAF) with rules to detect and block directory enumeration attempts

🔍 How to Verify

Check if Vulnerable:

Check the CityPLus version in the application interface or configuration files. If the version is earlier than V24.29500.1.0, the system is vulnerable.

Check Version:

Check the application interface or consult vendor documentation for the version verification method.

Verify Fix Applied:

Confirm CityPLus version is V24.29500.1.0 or later. Test with web scanning tools to verify unpublicized pages are no longer detectable.

📡 Detection & Monitoring

Log Indicators:

  • Unusual number of 404 or 403 errors from scanning tools
  • Requests to uncommon or hidden URL paths
  • Patterns of sequential directory/file enumeration

Network Indicators:

  • HTTP requests with common directory/file enumeration patterns
  • Unusual traffic to non-standard ports if web interface runs on custom port

SIEM Query:

source="web_server_logs" AND (status_code="404" OR status_code="403") AND (uri CONTAINS "/admin" OR uri CONTAINS "/api" OR uri CONTAINS "/test") GROUP BY src_ip HAVING COUNT > threshold

(The parentheses around the three URI conditions are required; without them the OR clauses bind more loosely than the AND and the status-code filter applies only to the "/admin" branch.)
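The log indicators above, applied to constructed access-log lines as an added Python example (not code from the vendor, the CVE record, or this page): it parses Combined Log Format records and flags source IPs that reach a threshold of distinct 403/404 paths, listing the hits under the prefixes the SIEM query names. The IPs, paths and user agents in the sample are constructed.

```python
import re
from collections import defaultdict

# Constructed sample access-log lines (Combined Log Format); IPs, paths and
# user agents are hypothetical, not taken from the CVE or the vendor's product.
SAMPLE_LOG = """\
203.0.113.10 - - [10/Oct/2025:09:00:01 +0300] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Oct/2025:09:00:02 +0300] "GET /admin/ HTTP/1.1" 403 210 "-" "scanner/1.0"
198.51.100.7 - - [10/Oct/2025:09:00:02 +0300] "GET /admin/login HTTP/1.1" 404 195 "-" "scanner/1.0"
198.51.100.7 - - [10/Oct/2025:09:00:03 +0300] "GET /api/ HTTP/1.1" 404 195 "-" "scanner/1.0"
198.51.100.7 - - [10/Oct/2025:09:00:03 +0300] "GET /test/ HTTP/1.1" 404 195 "-" "scanner/1.0"
198.51.100.7 - - [10/Oct/2025:09:00:04 +0300] "GET /backup/ HTTP/1.1" 404 195 "-" "scanner/1.0"
203.0.113.10 - - [10/Oct/2025:09:00:05 +0300] "GET /favicon.ico HTTP/1.1" 404 195 "-" "Mozilla/5.0"
"""

# Fields of one Combined Log Format record.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<uri>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"'
)

# URI prefixes named in the page's SIEM query.
SENSITIVE_PREFIXES = ("/admin", "/api", "/test")


def parse_line(line):
    """Return the fields of one log line as a dict, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def find_enumerators(log_text, threshold=3):
    """Return {src_ip: {"distinct_error_paths": n, "sensitive_hits": [...]}}
    for every source IP with at least `threshold` distinct 403/404 paths."""
    stats = defaultdict(lambda: {"paths": set(), "sensitive": []})
    for line in log_text.splitlines():
        rec = parse_line(line)
        if not rec or rec["status"] not in ("403", "404"):
            continue
        entry = stats[rec["ip"]]
        entry["paths"].add(rec["uri"])
        if rec["uri"].startswith(SENSITIVE_PREFIXES):
            entry["sensitive"].append(rec["uri"])
    return {
        ip: {"distinct_error_paths": len(s["paths"]), "sensitive_hits": s["sensitive"]}
        for ip, s in stats.items() if len(s["paths"]) >= threshold
    }


if __name__ == "__main__":
    for ip, info in find_enumerators(SAMPLE_LOG).items():
        print(ip, info)
```

A single 404 from a normal browser (the favicon request above) stays below the threshold, while the scanning source is reported with its sensitive-prefix hits.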
