CNNVD-202511-2205 Information

CNNVD ID

CNNVD-202511-2205

Related CVE

CVE-2025-34328

• CNNVD Published: 2025-11-19

Description (Chinese)

AudioCodes Fax Server是以色列AudioCodes公司的一个传真服务器。 AudioCodes Fax Server 2.6.23及之前版本存在安全漏洞，该漏洞源于未经验证的脚本管理端点，可能导致任意文件写入和执行。

Description (English)

AudioCodes Fax Server is a fax server for the Israeli company AudioCodes. AudioCodes Fax Server 2.6.23 and previous versions had a security loophole, which originated from unverified script management endpoints and could lead to the writing and implementation of any document.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

AudioCodes

Published

2025-11-19

Last Modified

2026-02-24

References

https://www.audiocodes.com/media/g1in2u2o/0548-product-notice-end-of-service-for-audiocodes-auto-attendant-ivr-solution.pdf https://www.vulncheck.com/advisories/audiocodes-fax-ivr-appliance-unauthenticated-file-upload-rce-via-ajaxscript https://pierrekim.github.io/advisories/2025-audiocodes-fax-ivr.txt https://pierrekim.github.io/blog/2025-11-20-audiocodes-fax-ivr-8-vulnerabilities.html https://access.redhat.com/security/cve/cve-2025-34328