OpenCode Systems USSD Gateway Access Control Vulnerability in Log Reading

Vulnerability

A vulnerability exists in OpenCode Systems USSD Gateway OC Release 5, version 6.13.11, due to incorrect access control in the /aux1/ocussd/trace endpoint. This flaw allows attackers with low-level privileges to access and read server logs.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive server log information.

Added: Nov 26, 2025, 5:17 PM

Updated: Nov 26, 2025, 5:17 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

0.0

relevance

1.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

0.0

relevance

1.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

OpenCode Systems USSD Gateway Access Control Vulnerability in Log Reading

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating