PT-2025-47482 · Audiocodes · Audiocodes Fax Server+1
Pierre Barre · Published 2025-11-19 · Updated 2025-11-19 · CVE-2025-34333
CVSS v4.0: 8.5 (High)
Vector: AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions
AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23
Description
The AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 are configured with overly permissive file system permissions for the web document root located at C:\F2MAdmin\F2E. Authenticated local users have modify rights on this directory, while the web server process runs with SYSTEM privileges. This allows local users to create or alter server-side scripts within the webroot and then trigger them via HTTP requests, resulting in arbitrary code execution with SYSTEM privileges.
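A read-only check for the condition described above, as an added example that is not part of the advisory or vendor material: it lists Allow entries on the webroot ACL that give write-capable rights to anyone other than SYSTEM, Administrators or TrustedInstaller. The default path and the choice of trusted principals are assumptions; adjust them to the appliance being reviewed.

```powershell
# Added example: flag Allow ACEs on the webroot that let non-administrative
# principals create or change files. Read-only check; nothing is modified.
param(
    # Webroot path from the advisory; assumption: default install location.
    [string]$WebRoot = 'C:\F2MAdmin\F2E'
)

# Specific rights that allow creating or altering a server-side script.
$writeBits = [System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
# GENERIC_WRITE (0x40000000) and GENERIC_ALL (0x10000000) can appear raw in inherit-only ACEs.
$genericBits = 0x50000000

# Principals expected to hold write access (assumption): SYSTEM, Administrators, TrustedInstaller.
$trustedSids = @(
    'S-1-5-18',
    'S-1-5-32-544',
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'
)

$acl   = Get-Acl -LiteralPath $WebRoot
$rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])

$findings = foreach ($ace in $rules) {
    if ($ace.AccessControlType -ne 'Allow') { continue }
    $sid = $ace.IdentityReference.Value
    if ($trustedSids -contains $sid) { continue }

    $rights   = $ace.FileSystemRights
    $canWrite = (($rights -band $writeBits) -ne 0) -or (([int]$rights -band $genericBits) -ne 0)
    if (-not $canWrite) { continue }

    # Resolve the SID to a name where possible; keep the SID if it does not resolve.
    try   { $name = $ace.IdentityReference.Translate([System.Security.Principal.NTAccount]).Value }
    catch { $name = $sid }

    [pscustomobject]@{
        Principal = $name
        Rights    = $rights
        Inherited = $ace.IsInherited
    }
}

if ($findings) {
    $findings | Format-Table -AutoSize
    Write-Warning "Non-administrative principals can write to $WebRoot"
} else {
    Write-Output "No write-capable ACEs for non-administrative principals on $WebRoot"
}
```

Entries marked as inherited come from a parent directory, so the ACL has to be corrected there or inheritance broken on the webroot itself.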
Recommendations
Versions prior to 2.6.23 should be used.
Exploit
Fix
LPE
Incorrect Default Permissions
Affected Products
Audiocodes Auto-Attendant Ivr
Audiocodes Fax Server