{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-7702", "assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21", "state": "PUBLISHED", "assignerShortName": "TR-CERT", "dateReserved": "2025-07-16T08:56:49.137Z", "datePublished": "2025-09-19T07:58:32.331Z", "dateUpdated": "2025-09-19T11:53:02.860Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Manageable Email Sending System", "vendor": "Pusula Communication Information Internet Industry and Trade Ltd. Co.", "versions": [{"lessThan": "2025.08.06", "status": "affected", "version": "<=2025.06", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Emre DO\u011eAN"}], "datePublic": "2025-09-19T07:50:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Pusula Communication Information Internet Industry and Trade Ltd. Co. Manageable Email Sending System allows Exploiting Trust in Client.<p>This issue affects Manageable Email Sending System: from &lt;=2025.06 before 2025.08.06.</p>"}], "value": "URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Pusula Communication Information Internet Industry and Trade Ltd. Co. Manageable Email Sending System allows Exploiting Trust in Client.This issue affects Manageable Email Sending System: from <=2025.06 before 2025.08.06."}], "impacts": [{"capecId": "CAPEC-22", "descriptions": [{"lang": "en", "value": "CAPEC-22 Exploiting Trust in Client"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-601", "description": "CWE-601 URL Redirection to Untrusted Site ('Open Redirect')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21", "shortName": "TR-CERT", "dateUpdated": "2025-09-19T07:58:32.331Z"}, "references": [{"url": "https://www.usom.gov.tr/bildirim/tr-25-0274"}], "source": {"advisory": "TR-25-0274", "defect": ["TR-25-0274"], "discovery": "UNKNOWN"}, "title": "Open Redirect in PUSULA's Manageable Email Sending System", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-09-19T11:52:20.481930Z", "id": "CVE-2025-7702", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-19T11:53:02.860Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-7702", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-09-19T11:52:20.481930Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-19T11:52:24.124Z"}}], "cna": {"title": "Open Redirect in PUSULA's Manageable Email Sending System", "source": {"defect": ["TR-25-0274"], "advisory": "TR-25-0274", "discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Emre DO\u011eAN"}], "impacts": [{"capecId": "CAPEC-22", "descriptions": [{"lang": "en", "value": "CAPEC-22 Exploiting Trust in Client"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 4.7, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Pusula Communication Information Internet Industry and Trade Ltd. Co.", "product": "Manageable Email Sending System", "versions": [{"status": "affected", "version": "<=2025.06", "lessThan": "2025.08.06", "versionType": "custom"}], "defaultStatus": "unaffected"}], "datePublic": "2025-09-19T07:50:00.000Z", "references": [{"url": "https://www.usom.gov.tr/bildirim/tr-25-0274"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Pusula Communication Information Internet Industry and Trade Ltd. Co. Manageable Email Sending System allows Exploiting Trust in Client.This issue affects Manageable Email Sending System: from <=2025.06 before 2025.08.06.", "supportingMedia": [{"type": "text/html", "value": "URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Pusula Communication Information Internet Industry and Trade Ltd. Co. Manageable Email Sending System allows Exploiting Trust in Client.<p>This issue affects Manageable Email Sending System: from &lt;=2025.06 before 2025.08.06.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-601", "description": "CWE-601 URL Redirection to Untrusted Site ('Open Redirect')"}]}], "providerMetadata": {"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21", "shortName": "TR-CERT", "dateUpdated": "2025-09-19T07:58:32.331Z"}}}, "cveMetadata": {"cveId": "CVE-2025-7702", "state": "PUBLISHED", "dateUpdated": "2025-09-19T11:53:02.860Z", "dateReserved": "2025-07-16T08:56:49.137Z", "assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21", "datePublished": "2025-09-19T07:58:32.331Z", "assignerShortName": "TR-CERT"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Pusula Communication Information Internet Industry and Trade Ltd. Co. Manageable Email Sending System allows Exploiting Trust in Client.This issue affects Manageable Email Sending System: from <=2025.06 before 2025.08.06."}], "id": "CVE-2025-7702", "lastModified": "2025-09-19T16:00:27.847", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "iletisim@usom.gov.tr", "type": "Primary"}]}, "published": "2025-09-19T08:15:31.530", "references": [{"source": "iletisim@usom.gov.tr", "url": "https://www.usom.gov.tr/bildirim/tr-25-0274"}], "sourceIdentifier": "iletisim@usom.gov.tr", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-601"}], "source": "iletisim@usom.gov.tr", "type": "Primary"}]}

{}

{"created": "2025-09-22T10:00:12.125706+00:00", "updated": "2025-09-22T10:06:30.323465+00:00", "vendors": ["pusula", "pusula$PRODUCT$manageable_email_sending_system"]}