CVE-2024-12924 - Vulnerability Details - OpenCVE

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Akınsoft QR Menü allows Forceful Browsing, Phishing.This issue affects QR Menü: from s1.05.05 before v1.05.12.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

No data.

References

Link	Providers
https://www.usom.gov.tr/bildirim/tr-25-0202

History

Mon, 01 Sep 2025 12:45:00 +0000

Type	Values Removed	Values Added
Description		URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Akınsoft QR Menü allows Forceful Browsing, Phishing.This issue affects QR Menü: from s1.05.05 before v1.05.12.
Title		Open Redirect in Akinsoft's QR Menu
Weaknesses		CWE-601
References		https://www.usom.gov.tr/bildirim/tr-25-0202
Metrics		cvssV3_1 `{'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L'}`

MITRE

Status: PUBLISHED

Assigner: TR-CERT

Published: 2025-09-01T12:33:31.981Z

Updated: 2025-09-01T12:33:31.981Z

Reserved: 2024-12-25T11:57:41.720Z

Link: CVE-2024-12924

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-09-01T13:15:32.897

Modified: 2025-09-01T13:15:32.897

Link: CVE-2024-12924

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-12924", "assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21", "state": "PUBLISHED", "assignerShortName": "TR-CERT", "dateReserved": "2024-12-25T11:57:41.720Z", "datePublished": "2025-09-01T12:33:31.981Z", "dateUpdated": "2025-09-01T12:33:31.981Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "QR Men\u00fc", "vendor": "Ak\u0131nsoft", "versions": [{"lessThan": "v1.05.12", "status": "affected", "version": "s1.05.05", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Berat ARSLAN"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Ak\u0131nsoft QR Men\u00fc allows Forceful Browsing, Phishing.<p>This issue affects QR Men\u00fc: from s1.05.05 before v1.05.12.</p>"}], "value": "URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Ak\u0131nsoft QR Men\u00fc allows Forceful Browsing, Phishing.This issue affects QR Men\u00fc: from s1.05.05 before v1.05.12."}], "impacts": [{"capecId": "CAPEC-87", "descriptions": [{"lang": "en", "value": "CAPEC-87 Forceful Browsing"}]}, {"capecId": "CAPEC-98", "descriptions": [{"lang": "en", "value": "CAPEC-98 Phishing"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-601", "description": "CWE-601 URL Redirection to Untrusted Site ('Open Redirect')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21", "shortName": "TR-CERT", "dateUpdated": "2025-09-01T12:33:31.981Z"}, "references": [{"url": "https://www.usom.gov.tr/bildirim/tr-25-0202"}], "source": {"advisory": "TR-25-0202", "defect": ["TR-25-0202"], "discovery": "UNKNOWN"}, "title": "Open Redirect in Akinsoft's QR Menu", "x_generator": {"engine": "Vulnogram 0.2.0"}}}}