CVE-2025-65239

4.3 MEDIUM

📋 TL;DR

This vulnerability allows attackers with low-level privileges to read server logs via the /aux1/ocussd/trace endpoint in OpenCode Systems USSD Gateway. It affects organizations using OpenCode Systems USSD Gateway OC Release:5 version 6.13.11. The improper access control exposes potentially sensitive log information to unauthorized users.

💻 Affected Systems

Products:
  • OpenCode Systems USSD Gateway OC
Versions: Release:5, version 6.13.11
Operating Systems: Not specified, likely various
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects the specific endpoint /aux1/ocussd/trace. Other endpoints may not be vulnerable.


⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could extract sensitive information from logs including user data, system configurations, or authentication details, potentially enabling further attacks.

🟠 Likely Case

Low-privilege users or attackers who gain initial access can read server logs containing operational data, potentially identifying other vulnerabilities or sensitive information.

🟢 If Mitigated

With proper access controls, only authorized administrators can access server logs, limiting exposure of sensitive information.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires low-level privileges. The vulnerability is documented in public repositories with technical details.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch is available. Check the vendor website for updates or apply the workarounds below.

🔧 Temporary Workarounds

Restrict endpoint access

all

Implement access control rules to restrict the /aux1/ocussd/trace endpoint to authorized administrators only.

# Configure web server or application firewall rules to restrict access to /aux1/ocussd/trace

Disable trace endpoint

all

Temporarily disable or remove the vulnerable endpoint if not required for operations.

# Modify application configuration to disable /aux1/ocussd/trace endpoint

🧯 If You Can't Patch

  • Implement network segmentation to isolate the USSD gateway from untrusted networks.
  • Enhance monitoring of access to the /aux1/ocussd/trace endpoint and review logs for unauthorized access attempts.

🔍 How to Verify

Check if Vulnerable:

Attempt to access the /aux1/ocussd/trace endpoint with low-privilege credentials. If server logs are accessible, the system is vulnerable.

Check Version:

Check the application version through the administrative interface or the configuration files specific to OpenCode Systems USSD Gateway.

Verify Fix Applied:

Verify that low-privilege users cannot access the /aux1/ocussd/trace endpoint after implementing access controls.

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized access attempts to /aux1/ocussd/trace endpoint
  • Multiple log access requests from non-admin users

Network Indicators:

  • HTTP GET requests to /aux1/ocussd/trace from unauthorized IPs or users

SIEM Query:

source="ussd_gateway" AND (uri="/aux1/ocussd/trace" AND user_role!="admin")
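
The same check run offline over access logs, as an added example (not vendor or original-page code). It goes beyond the exact-match query above by normalizing the request path first, so equivalent spellings of the URI are matched too. It assumes the gateway sits behind a reverse proxy that writes Combined Log Format with the authenticated user in the third field; the `ADMIN_USERS` allowlist and all sample lines are constructed.

```python
import re
from collections import Counter
from posixpath import normpath
from urllib.parse import unquote

TRACE_PATH = "/aux1/ocussd/trace"
ADMIN_USERS = {"ops-admin"}  # hypothetical allowlist of accounts allowed to read traces

# Combined Log Format: ip ident user [time] "METHOD target PROTO" status size ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def canonical_path(target):
    """Drop query/fragment, percent-decode, collapse '//', '.', '..', lower-case."""
    raw = target.split("?", 1)[0].split("#", 1)[0]
    path = unquote(raw)
    # normpath keeps a leading '//', so strip leading slashes and re-add exactly one
    return normpath("/" + path.lstrip("/")).lower()

def find_trace_reads(lines):
    """Return (alerts, per-user counts) for non-admin requests to the trace endpoint."""
    alerts, counts = [], Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if not m or canonical_path(m["target"]) != TRACE_PATH:
            continue
        if m["user"] in ADMIN_USERS:
            continue
        # A 2xx response means log content was actually returned to a non-admin
        kind = "log-read" if m["status"].startswith("2") else "attempt"
        alerts.append((m["ts"], m["ip"], m["user"], m["status"], kind))
        counts[m["user"]] += 1
    return alerts, counts

# Constructed sample lines (documentation IP ranges, made-up users)
SAMPLE = [
    '192.0.2.10 - ops-admin [12/Jan/2026:09:14:02 +0000] "GET /aux1/ocussd/trace HTTP/1.1" 200 48213 "-" "-"',
    '198.51.100.7 - agent07 [12/Jan/2026:09:15:40 +0000] "GET /aux1/ocussd/trace?x=1 HTTP/1.1" 200 51877 "-" "-"',
    '198.51.100.7 - agent07 [12/Jan/2026:09:15:59 +0000] "GET /aux1//ocussd/%74race/ HTTP/1.1" 200 51902 "-" "-"',
    '203.0.113.3 - - [12/Jan/2026:09:16:10 +0000] "GET /aux1/ocussd/trace HTTP/1.1" 401 0 "-" "-"',
    '198.51.100.7 - agent07 [12/Jan/2026:09:17:00 +0000] "GET /index.html HTTP/1.1" 200 120 "-" "-"',
]

if __name__ == "__main__":
    alerts, counts = find_trace_reads(SAMPLE)
    for a in alerts:
        print(*a, sep="  ")
    print("requests per non-admin user:", dict(counts))
```

A `log-read` alert for a non-admin account is the condition this CVE describes; repeated hits in `counts` correspond to the "multiple log access requests from non-admin users" indicator.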
