CVE-2025-48026

Name of the Vulnerable Software and Affected Versions: Mitel OpenScape Xpressions versions through V7R1 FR5 HF43 P913

Description: A vulnerability in the WebApl component could allow an unauthenticated attacker to conduct a path traversal attack due to insufficient input validation. A successful exploit could allow an attacker to read files from the underlying OS and obtain sensitive information.

Recommendations: For versions through V7R1 FR5 HF43 P913, consider restricting access to the WebApl component until a patch is available. As a temporary workaround, ensure proper input validation for all user inputs to minimize the risk of path traversal attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.