What is CVE-2026-3843?

CVE-2026-3843 is a critical-severity vulnerability in Bukts Buk_ts-g_gas_station_automation_system, classified under SQL Injection. CVSS score: 9.8/10. Published 2026-03-10.

How severe is CVE-2026-3843?

Critical severity. CVSS v3 base score is 9.8 out of 10.

SQL Injection in Bukts Buk_ts-g_gas_station_automation_system

CVE-2026-3843

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 on Linux contains a SQL Injection vulnerability (CWE-89) in the system configuration module. A remote attacker can send specially crafted HTTP POST requests to the /php/requ…

Vulnerability class: SQL Injection

EPSS: 0.002 (40.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Bukts Buk_ts-g_gas_station_automation_system
Linux Linux_kernel
Nefteprodukttekhnika Llc Buk Ts-g Gas Station Automation System — versions 2.9.1, 2.10.2

Weakness classification (CWE)

CWE-89 — SQL Injection

References

309f9ea4-e3e9-4c6c-b79d-e8eb01244f2c (Broken Link)
309f9ea4-e3e9-4c6c-b79d-e8eb01244f2c (Broken Link)

Frequently asked questions

What is CVE-2026-3843?: CVE-2026-3843 is a critical-severity vulnerability in Bukts Buk_ts-g_gas_station_automation_system, classified under SQL Injection. CVSS score: 9.8/10. Published 2026-03-10.
How severe is CVE-2026-3843?: Critical severity. CVSS v3 base score is 9.8 out of 10.