cvebase

Audiocodes Limited Audiocodes Fax Ivr Appliance vulnerabilities

8 known vulnerabilities affecting audiocodes_limited/audiocodes_fax_ivr_appliance.

Total CVEs: 8
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 2, HIGH 5, MEDIUM 1

Vulnerabilities

CVE-2025-34329 | P2 | CRITICAL | CVSS 9.8 | ≤ 2.6.23 | 2025-11-19
CWE-434: AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 expose an unauthenticated backup upload endpoint at AudioCodes_files/ajaxBackupUploadFile.php in the F2MAdmin web interface. The script derives a backup folder path from application configuration, creates the directory if it does not exist, and then moves a
nvd
CVE-2025-34328 | P2 | CRITICAL | CVSS 9.8 | ≤ 2.6.23 | 2025-11-19
CWE-434: AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 include a web administration component (F2MAdmin) that exposes an unauthenticated script-management endpoint at AudioCodes_files/utils/IVR/diagram/ajaxScript.php. The saveScript action writes attacker-supplied data directly to a server-side file path under t
nvd
CVE-2025-34334 | P2 | HIGH | CVSS 8.8 | ≤ 2.6.23 | 2025-11-19
CWE-78: AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 are vulnerable to an authenticated command injection in the fax test functionality implemented by AudioCodes_files/TestFax.php. When a fax "send" test is requested, the application builds a faxsender command line using attacker-supplied parameters and passes it
nvd
CVE-2025-34335 | P2 | HIGH | CVSS 8.8 | ≤ 2.6.23 | 2025-11-19
CWE-78: AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 expose an authenticated command injection vulnerability in the license activation workflow handled by AudioCodes_files/ActivateLicense.php. When a license file is uploaded, the application derives a new filename by combining a generated base name with the attack
nvd
CVE-2025-34331 | P3 | HIGH | CVSS 7.5 | ≤ 2.6.23 | 2025-11-19
CWE-306: AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 contain an unauthenticated file read vulnerability via the download.php script. The endpoint exposes a file download mechanism that lacks access control, allowing remote, unauthenticated users to request files stored on the appliance based solely on attacker-sup
nvd
CVE-2025-34332 | P3 | HIGH | CVSS 7.8 | ≤ 2.6.23 | 2025-11-19
CWE-276: AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 include a web administration component that controls back-end Windows services using helper batch scripts located under C:\F2MAdmin\F2E\AudioCodes_files\utils\Services. When certain service actions are requested through ajaxPost.php, these scripts are invok
nvd
CVE-2025-34333 | P3 | HIGH | CVSS 7.8 | ≤ 2.6.23 | 2025-11-19
CWE-276: AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 configure the web document root at C:\F2MAdmin\F2E with overly permissive file system permissions. Authenticated local users have modify rights on this directory, while the associated web server process runs as NT AUTHORITY\SYSTEM. As a result, any local use
nvd
CVE-2025-34330 | P3 | MEDIUM | CVSS 5.3 | ≤ 2.6.23 | 2025-11-19
CWE-434: AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 include a web administration component (F2MAdmin) that exposes an unauthenticated prompt upload endpoint at AudioCodes_files/utils/IVR/diagram/ajaxPromptUploadFile.php. The script accepts an uploaded file and writes it into the C:\F2MAdmin\tmp directory usin
nvd