Login Sign Up

CVE-2025-65236

9.8 CRITICAL
SQL Injection Authentication Bypass

📋 TL;DR

This SQL injection vulnerability in OpenCode Systems USSD Gateway allows attackers to execute arbitrary SQL commands via the Session ID parameter in the control panel endpoint. Attackers can potentially access, modify, or delete database contents, affecting all systems running the vulnerable version without proper input validation.

💻 Affected Systems

Products:
  • OpenCode Systems USSD Gateway
Versions: OC Release: 5
Operating Systems: Not specified, likely multiple
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the /occontrolpanel/index.php endpoint specifically via Session ID parameter.

📦 What is this software?

Ussd Gateway by Opencode

View all CVEs affecting Ussd Gateway →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of the USSD gateway system leading to data exfiltration, authentication bypass, remote code execution, and potential lateral movement to connected systems.

🟠

Likely Case

Unauthorized database access allowing extraction of sensitive information, modification of configuration data, or disruption of USSD services.

🟢

If Mitigated

Limited impact with proper input validation, parameterized queries, and network segmentation preventing database access.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SQL injection via Session ID parameter is straightforward to exploit with common tools like sqlmap.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not found in provided references

Restart Required: No

Instructions:

1. Check vendor website for security updates. 2. Apply any available patches. 3. Validate fix by testing the vulnerable endpoint.

🔧 Temporary Workarounds

Web Application Firewall (WAF)

all

Deploy WAF rules to block SQL injection patterns in Session ID parameter

Input Validation Filter

all

Implement server-side validation to reject malicious Session ID values

🧯 If You Can't Patch

  • Isolate the USSD gateway system from internet access and restrict to necessary internal networks only
  • Implement strict network segmentation and monitor all database access from the gateway

🔍 How to Verify

Check if Vulnerable:

Test the /occontrolpanel/index.php endpoint with SQL injection payloads in Session ID parameter using tools like sqlmap or manual testing

Check Version:

Check application version in admin interface or configuration files

Verify Fix Applied:

Retest the endpoint with SQL injection payloads to confirm they are properly rejected or sanitized

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL error messages in application logs
  • Multiple failed login attempts with SQL patterns
  • Unexpected database queries from gateway IP

Network Indicators:

  • SQL injection patterns in HTTP requests to /occontrolpanel/index.php
  • Unusual database traffic from gateway system

SIEM Query:

source="*ussd*" AND ("SQL syntax" OR "union select" OR "' OR '1'='1")

📊 Metadata

CVE ID: CVE-2025-65236
CVSS v3 Score: 9.8 (CRITICAL)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-89
EPSS Score: 0.05% exploit probability (14.2th percentile)
Published: November 26, 2025
Last Updated: January 2, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-65236, you might also want to check these:

CVE-2024-8522 10.0

This vulnerability allows unauthenticated attackers to perform SQL injection attacks on WordPress si...

Same vulnerability type (CWE-89)
CVE-2024-13152 10.0

This SQL injection vulnerability in BSS Software's Mobuy Online Machinery Monitoring Panel allows at...

Same vulnerability type (CWE-89)
CVE-2021-42311 10.0

CVE-2021-42311 is a critical SQL injection vulnerability in Microsoft Defender for IoT that allows r...

Same vulnerability type (CWE-89)