CVE-2024-12924: CWE-601 URL Redirection to Untrusted Site ('Open Redirect') in Akınsoft QR Menü
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Akınsoft QR Menü allows Forceful Browsing, Phishing. This issue affects QR Menü: from s1.05.05 before v1.05.12.
AI Analysis
Technical Summary
The vulnerability identified as CVE-2024-12924 affects Akınsoft QR Menü versions from s1.05.05 before v1.05.12. It is classified as CWE-601, an Open Redirect issue, where the application improperly handles URL redirection, allowing attackers to redirect users to untrusted external websites. This can facilitate phishing attacks or forceful browsing by misleading users. The CVSS v3.1 base score is 6.3, reflecting network attack vector, low attack complexity, no privileges required, user interaction required, and impacts on confidentiality, integrity, and availability at a low level. No vendor advisory or patch information is currently available, and the product is not a cloud service.
Potential Impact
Successful exploitation of this vulnerability can lead to users being redirected to malicious websites, increasing the risk of phishing attacks and potentially unauthorized access through forceful browsing. The impact on confidentiality, integrity, and availability is rated as low, but user trust and security can be compromised.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, users and administrators should be cautious about URL redirections within the affected versions of Akınsoft QR Menü. Implementing additional user awareness and monitoring for suspicious redirects may help mitigate risk.
CVE-2024-12924: CWE-601 URL Redirection to Untrusted Site ('Open Redirect') in Akınsoft QR Menü
Description
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Akınsoft QR Menü allows Forceful Browsing, Phishing. This issue affects QR Menü: from s1.05.05 before v1.05.12.
CVSS v3.1
Score 6.3medium
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The vulnerability identified as CVE-2024-12924 affects Akınsoft QR Menü versions from s1.05.05 before v1.05.12. It is classified as CWE-601, an Open Redirect issue, where the application improperly handles URL redirection, allowing attackers to redirect users to untrusted external websites. This can facilitate phishing attacks or forceful browsing by misleading users. The CVSS v3.1 base score is 6.3, reflecting network attack vector, low attack complexity, no privileges required, user interaction required, and impacts on confidentiality, integrity, and availability at a low level. No vendor advisory or patch information is currently available, and the product is not a cloud service.
Potential Impact
Successful exploitation of this vulnerability can lead to users being redirected to malicious websites, increasing the risk of phishing attacks and potentially unauthorized access through forceful browsing. The impact on confidentiality, integrity, and availability is rated as low, but user trust and security can be compromised.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, users and administrators should be cautious about URL redirections within the affected versions of Akınsoft QR Menü. Implementing additional user awareness and monitoring for suspicious redirects may help mitigate risk.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- TR-CERT
- Date Reserved
- 2024-12-25T11:57:41.720Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a1d832ee29bf47b50f6aa4e
Added to database: 6/1/2026, 1:03:42 PM
Last enriched: 6/1/2026, 1:20:40 PM
Last updated: 6/2/2026, 6:17:32 AM
Views: 7
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.