CVE-2025-47188
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-47188
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones through 6.4 SP4 (R6.4.0.4006), and the 6970 Conference Unit through 6.4 SP4 (R6.4.0.4006) or version V1 R0.1.0, could allow an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sanitization. A successful exploit could allow an attacker to execute arbitrary commands within the context of the phone, leading to disclosure or modification of sensitive configuration data or affecting device availability and operation.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Mitel多款产品 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Mitel 6800 Series等都是加拿大敏迪(Mitel)公司的一系列电话。 Mitel多款产品存在安全漏洞,该漏洞源于参数清理不足,可能导致命令注入攻击。以下产品及版本受到影响:Mitel 6800 Series、6900 Series和6900w Series SIP Phones 6.4 SP4及之前版本。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2025-47188
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones through 6.4 SP4 (R6.4.0.4006), and the 6970 Conference Unit through 6.4 SP4 (R6.4.0.4006) or version V1 R0.1.0, could allow an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sanitization. This template should be run on port 49249/tcp. | https://github.com/projectdiscovery/nuclei-templates/blob/main/network/cves/2025/CVE-2025-47188.yaml | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-47188
请登录查看更多情报信息。
Same Patch Batch · n/a · 2025-08-07 · 39 CVEs total
| CVE-2025-8697 | 6.3 MEDIUM | agentUniverse MCPSessionManager/MCPTool/MCPToolkit StdioServerParameters os command inject |
| CVE-2025-51533 | 5.3 MEDIUM | Sage DPW 安全漏洞 |
| CVE-2025-8698 | 3.3 LOW | Open5GS AMF Service nsmf-handler.c amf_nsmf_pdusession_handle_release_sm_context assertion |
| CVE-2023-41531 | Hospital Management System 安全漏洞 | |
| CVE-2023-41528 | Hospital Management System 安全漏洞 | |
| CVE-2023-41521 | Student Attendance Management System 安全漏洞 | |
| CVE-2023-41523 | Student Attendance Management System 安全漏洞 | |
| CVE-2023-41522 | Student Attendance Management System 安全漏洞 | |
| CVE-2023-41520 | Student Attendance Management System 安全漏洞 | |
| CVE-2025-51629 | Agenzia Impresa EccoBook 安全漏洞 | |
| CVE-2023-41530 | Hospital Management System 安全漏洞 | |
| CVE-2023-41532 | Hospital Management System 安全漏洞 | |
| CVE-2025-45765 | jwt 安全漏洞 | |
| CVE-2025-50675 | Lighthouse data GPMAW 14 安全漏洞 | |
| CVE-2025-50692 | FoxCMS 安全漏洞 | |
| CVE-2025-47219 | GStreamer 安全漏洞 | |
| CVE-2025-47183 | GStreamer 安全漏洞 | |
| CVE-2025-47806 | GStreamer 安全漏洞 | |
| CVE-2025-47807 | GStreamer 安全漏洞 | |
| CVE-2025-47808 | GStreamer 安全漏洞 |
Showing top 20 of 39 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2025-47188
No comments yet