4 matches found
AudioCodes Fax/IVR Appliance 2.6.23 Scanner
AudioCodes Fax/IVR Appliance version 2.6.23 vulnerability scanning tool that detects instances for identification purposes but does not actively exploit them...
CVE-2025-34331 AudioCodes Fax/IVR Appliance <= 2.6.23 Unauthenticated File Read via download.php
AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 contain an unauthenticated file read vulnerability via the download.php script. The endpoint exposes a file download mechanism that lacks access control, allowing remote, unauthenticated users to request...
CVE-2025-34328
AudioCodes Fax Server and Auto-Attendant IVR appliances (≤ 2.6.23) expose an unauthenticated script-management endpoint in the web administration component (F2MAdmin) at AudioCodes_files/utils/IVR/diagram/ajaxScript.php. The saveScript action writes attacker-supplied data directly to a server-sid...
CVE-2025-34333
CVE-2025-34333 affects AudioCodes Fax Server and Auto-Attendant IVR appliances