CVE-2025-32106

Name of the Vulnerable Software and Affected Versions Audiocodes Mediapack MP-11x versions 6.60A.369.002 and earlier

Description The issue allows an unauthenticated remote user to execute unauthorized code by sending a crafted POST request. This can result in the execution of unauthorized code.

Recommendations For versions 6.60A.369.002 and earlier, as a temporary workaround, consider restricting access to the API endpoint that handles POST requests until a patch is available. Avoid using the vulnerable function that handles the crafted POST request until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.