CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2025/11/20 9:36 p.m.•6 views

CVE-2025-34335

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 expose an authenticated command injection vulnerability in the license activation workflow handled by AudioCodesfiles/ActivateLicense.php. When a license file is uploaded, the application derives a new...

8.8CVSS7.6AI score0.02561EPSS

RedhatCVE•added 2025/11/20 9:36 p.m.•10 views

CVE-2025-34331

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 contain an unauthenticated file read vulnerability via the download.php script. The endpoint exposes a file download mechanism that lacks access control, allowing remote, unauthenticated users to request...

8.7CVSS6.5AI score0.00462EPSS

RedhatCVE•added 2025/11/20 9:36 p.m.•4 views

CVE-2025-34329

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 expose an unauthenticated backup upload endpoint at AudioCodesfiles/ajaxBackupUploadFile.php in the F2MAdmin web interface. The script derives a backup folder path from application configuration, creates t...

9.8CVSS7.4AI score0.01017EPSS

7.8CVSS5.8AI score0.00178EPSS

CVE-2025-34332

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 include a web administration component that controls back-end Windows services using helper batch scripts located under C:\F2MAdmin\F2E\AudioCodesfiles\utils\Services. When certain service actions are...

8.8CVSS5.9AI score0.02561EPSS

CVE-2025-34335

NVD•added 2025/11/19 5:15 p.m.•3 views

CVE-2025-34332

8.5CVSS0.00178EPSS

9.8CVSS5.9AI score0.01017EPSS

CVE-2025-34329

OSV•added 2025/11/19 5:15 p.m.•2 views

CVE-2025-34328

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 include a web administration component F2MAdmin that exposes an unauthenticated script-management endpoint at AudioCodesfiles/utils/IVR/diagram/ajaxScript.php. The saveScript action writes attacker-supplie...

9.8CVSS6AI score0.00621EPSS

NVD•added 2025/11/19 5:15 p.m.•5 views

CVE-2025-34329

9.8CVSS0.01017EPSS

NVD•added 2025/11/19 5:15 p.m.•4 views

CVE-2025-34331

8.7CVSS0.00462EPSS

CVE•added 2025/11/19 4:24 p.m.•8 views

CVE-2025-34331

7.5CVSS5.7AI score

Exploits0References4

CVE-2025-34335

AudioCodes Fax Server and Auto-Attendant IVR appliances up to version 2.6.23 are affected by an authenticated command injection in the license activation workflow (ActivateLicense.php). An authenticated user uploading a license file can craft the file name’s extension to inject shell metacharacte...

8.8CVSS7.2AI score0.02561EPSS

Exploits2References4Affected Software2

CVE•added 2025/11/19 4:22 p.m.•10 views

CVE-2025-34331

CVE-2025-34331 affects AudioCodes Fax Server and Auto-Attendant IVR appliances up to version 2.6.23. The issue is an unauthenticated file read via the download.php endpoint, which lacks access control and lets remote, unauthenticated users request files based on attacker-supplied path/filename. T...

8.7CVSS6.1AI score0.00462EPSS

Exploits2References4Affected Software2

Vulnrichment•added 2025/11/19 4:22 p.m.•4 views

CVE-2025-34330 AudioCodes Fax/IVR Appliance <= 2.6.23 Unauthenticated Prompt File Upload via ajaxPromptUploadFile.php

6.9CVSS6.6AI score0.00421EPSS

Cvelist•added 2025/11/19 4:22 p.m.•8 views

CVE-2025-34330 AudioCodes Fax/IVR Appliance <= 2.6.23 Unauthenticated Prompt File Upload via ajaxPromptUploadFile.php

6.9CVSS0.00421EPSS

Cvelist•added 2025/11/19 4:21 p.m.•8 views

CVE-2025-34333 AudioCodes Fax/IVR Appliance <= 2.6.23 World-Writable Webroot LPE

AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 configure the web document root at C:\F2MAdmin\F2E with overly permissive file system permissions. Authenticated local users have modify rights on this directory, while the associated web server process...

8.5CVSS0.00178EPSS