CVE ID : CVE-2025-34023
Published : June 20, 2025, 7:15 p.m. | 3 hours, 14 minutes ago
Description : A path traversal vulnerability exists in the Karel IP1211 IP Phone’s web management panel. The /cgi-bin/cgiServer.exx endpoint fails to properly sanitize user input to the page parameter, allowing remote authenticated attackers to access arbitrary files on the underlying system by using crafted path traversal sequences (e.g., ../../). This can expose sensitive files such as /etc/passwd and /etc/shadow.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
Source: Read More
