CVE-2025-47187 Information

Description

A vulnerability in the Mitel 6800 Series 6900 Series and 6900w Series SIP Phones including the 6970 Conference Unit through 6.4 SP4 could allow an unauthenticated attacker to perform a file upload attack due to missing authentication mechanisms. A successful exploit could allow an attacker to upload arbitrary WAV files which may potentially exhaust the phone’s storage without affecting the phone’s availability or operation.

Reference

https://www.mitel.com/support/security-advisories https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2025-0004

Related CNNVD

CNNVD-202507-3041 (Published: 2025-07-23)