CVE-2025-34328 AudioCodes Fax/IVR Appliance <= 2.6.23 Unauthenticated File Upload RCE via ajaxScript.php

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 include a web administration component F2MAdmin that exposes an unauthenticated script-management endpoint at AudioCodesfiles/utils/IVR/diagram/ajaxScript.php. The saveScript action writes attacker-supplie...