CVE-2025-64128

Name of the Vulnerable Software and Affected Versions Zenitel TCIV-3+ (affected versions not specified)

Description An OS command injection issue arises from insufficient validation of user-provided input. The validation process does not adequately enforce formatting rules, potentially allowing attackers to append arbitrary data. This could enable an unauthenticated attacker to inject and execute arbitrary commands. The vulnerability allows for complete system compromise.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.