CNNVD-202602-721 Information
CNNVD ID
CNNVD-202602-721
Related CVE
- CNNVD Published: 2026-02-04
Description (Chinese)
Zenitel TCIS-3+是挪威Zenitel公司的一个IP对讲终端。 Zenitel TCIS-3+存在安全漏洞,该漏洞源于允许经过身份验证的攻击者利用上传的文件名在底层系统上执行任意命令。
Description (English)
Zenitel TCIS-3+ is an IP chat terminal for Zenitel, Norway. Zenitel TCIS-3+ has a security loophole, which stems from the fact that the identity-verified assailants are allowed to execute arbitrary orders on the bottom-up system using the uploaded file name.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Zenitel
Published
2026-02-04
Last Modified
2026-02-24
References
https://www.zenitel.com/sites/default/files/2025-12/A100K12333%20Zenitel%20Security%20Advisory.pdf https://wiki.zenitel.com/wiki/VSF-Fortitude6_9.3_Release_Notes https://wiki.zenitel.com/wiki/VSF-Display_Series_9.3_Release_Notes https://wiki.zenitel.com/wiki/ZIPS_9.3_-_Release_notes https://wiki.zenitel.com/wiki/Turbine_9.3_-_Release_notes https://wiki.zenitel.com/wiki/VSF-Fortitude8_9.3_Release_Notes https://access.redhat.com/security/cve/cve-2025-59818
Patch
https://wiki.zenitel.com/wiki/Turbine_9.3_-_Release_notes
Share on: