CVE-2025-64127

Name of the Vulnerable Software and Affected Versions Zenitel TCIV-3+ (affected versions not specified)

Description An OS command injection issue arises from inadequate sanitization of user-provided input. The application processes parameters without sufficient validation before incorporating them into OS commands. This could enable a remote, unauthenticated attacker to execute arbitrary commands.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.