CNNVD-202511-2204 Information
CNNVD ID
CNNVD-202511-2204
Related CVE
- CNNVD Published: 2025-11-19
Description (Chinese)
AudioCodes Fax Server是以色列AudioCodes公司的一个传真服务器。 AudioCodes Fax Server 2.6.23及之前版本存在安全漏洞,该漏洞源于未经验证的备份上传端点,可能导致任意文件上传和执行。
Description (English)
AudioCodes Fax Server is a fax server for the Israeli company AudioCodes. AudioCodes Fax Server 2.6.23 and earlier versions had a security loophole, which originated from an unverified backup upload endpoint, which could lead to the uploading and execution of any document.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
AudioCodes
Published
2025-11-19
Last Modified
2026-02-24
References
https://pierrekim.github.io/advisories/2025-audiocodes-fax-ivr.txt https://pierrekim.github.io/blog/2025-11-20-audiocodes-fax-ivr-8-vulnerabilities.html https://www.audiocodes.com/media/g1in2u2o/0548-product-notice-end-of-service-for-audiocodes-auto-attendant-ivr-solution.pdf https://www.vulncheck.com/advisories/audiocodes-fax-ivr-appliance-unauthenticated-backup-upload-rce-via-ajaxbackupuploadfile
Share on: