Mitel MiCollab - Authentication Bypass

A vulnerability in the NuPoint Unified Messaging NPM component of Mitel MiCollab through 9.8 SP1 FP2 9.8.1.201 could allow an unauthenticated attacker to conduct a path traversal attack, due to insufficient input validation. A successful exploit could allow unauthorized access, enabling the...

CVE-2008-6797

The server in Mitel NuPoint Messenger R11 and R3 sends usernames and passwords in cleartext to Exchange servers, which allows remote attackers to obtain sensitive information by sniffing the network...

EUVD-2008-6757

Malware in sbrugna...

EUVD-2020-23214

Malware in sbrugna...

EUVD-2025-24008

Malicious code in bioql PyPI...

CVE-2025-52913

A vulnerability in the NuPoint Unified Messaging NPM component of Mitel MiCollab through 9.8 SP2 9.8.2.12 could allow an unauthenticated attacker to conduct a path traversal attack due to insufficient input validation. A successful exploit could allow unauthorized access, enabling the attacker to...

CVE-2025-52913

A vulnerability in the NuPoint Unified Messaging NPM component of Mitel MiCollab through 9.8 SP2 9.8.2.12 could allow an unauthenticated attacker to conduct a path traversal attack due to insufficient input validation. A successful exploit could allow unauthorized access, enabling the attacker to...

Mitel MiCollab 安全漏洞

Mitel MiCollab is a mobile application that provides voice, video, messaging, audio conferencing, and team collaboration for employees from Mitel Canada. A security vulnerability exists in Mitel MiCollab version 9.8.2.12 and earlier, which stems from insufficient input validation of the NuPoint...

PT-2025-32386 · Mitel · Micollab +1

Name of the Vulnerable Software and Affected Versions: Mitel MiCollab versions through 9.8 SP2 9.8.2.12 Description: A vulnerability exists in the NuPoint Unified Messaging NPM component that could allow an unauthenticated attacker to conduct a path traversal attack due to insufficient input...

CVE-2025-52913

A vulnerability in the NuPoint Unified Messaging NPM component of Mitel MiCollab through 9.8 SP2 9.8.2.12 could allow an unauthenticated attacker to conduct a path traversal attack due to insufficient input validation. A successful exploit could allow unauthorized access, enabling the attacker to...

CVE-2025-52913

The CVE-2025-52913 affects Mitel MiCollab’s NuPoint Unified Messaging (NPM) component up to version 9.8 SP2 (9.8.2.12). The root cause is insufficient input validation, enabling an unauthenticated attacker to perform a path traversal attack. Exploitation could grant unauthorized access to view, c...

CVE-2025-52913

A vulnerability in the NuPoint Unified Messaging NPM component of Mitel MiCollab through 9.8 SP2 9.8.2.12 could allow an unauthenticated attacker to conduct a path traversal attack due to insufficient input validation. A successful exploit could allow unauthorized access, enabling the attacker to...

CVE-2024-41713

A vulnerability in the NuPoint Unified Messaging NPM component of Mitel MiCollab through 9.8 SP1 FP2 9.8.1.201 could allow an unauthenticated attacker to conduct a path traversal attack, due to insufficient input validation. A successful exploit could allow unauthorized access, enabling the...

CVE-2024-35287

A vulnerability in the NuPoint Messenger NPM component of Mitel MiCollab through version 9.8 SP1 9.8.1.5 could allow an authenticated attacker with administrative privilege to conduct a privilege escalation attack due to the execution of a resource with unnecessary privileges. A successful exploi...

CVE-2024-35286

A vulnerability in NuPoint Messenger NPM of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a SQL injection attack due to insufficient sanitization of user input. A successful exploit could allow an attacker to access sensitive information and execute arbitrary...

CVE-2024-35285

A vulnerability in NuPoint Messenger NPM of Mitel MiCollab through 9.8.0.33 allows an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sanitization...

CVE-2020-25609

The NuPoint Messenger Portal of Mitel MiCollab before 9.2 could allow an authenticated attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an attacker to view and modify user data...

CVE-2020-35547

A library index page in NuPoint Messenger in Mitel MiCollab before 9.2 FP1 could allow an unauthenticated attacker to gain access view and modify to user data...

The vulnerability of the NuPoint Unified Messaging component of the Mitel MiCollab collaboration platform allows attackers to execute SQL code through this attack.

The vulnerability of the NuPoint Unified Messaging component of the Mitel MiCollab collaboration platform relates to the lack of security measures for handling SQL queries. Exploiting this vulnerability allows an attacker to carry out an attack by injecting SQL code by sending a specially crafted...

The vulnerability of the NuPoint Unified Messaging component of the Mitel MiCollab collaboration platform allows a hacker to execute arbitrary commands.

The vulnerability of the NuPoint Unified Messaging component of the Mitel MiCollab collaboration platform is related to the lack of data cleaning measures at the management level. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using specially created data...