Unrestricted File Upload Vulnerability in Specto CM by Echo Call Center Services
CVE-2025-2155

8.8HIGH

Key Information:

Vendor: Echo Call Center Services Trade And Industry Inc.
Status: Specto Cm
Vendor: CVE Published:; 24 December 2025

🔔 Create Echo Call Center Services Trade And Industry Inc. Vulnerability Alert

What is CVE-2025-2155?

The unrestricted file upload vulnerability in Specto CM, provided by Echo Call Center Services, allows unauthorized users to upload files of dangerous types. This flaw can lead to remote code inclusion, enabling attackers to execute malicious code on affected systems. It is critical for users of versions prior to 17032025 to assess their security posture and apply necessary updates to mitigate this risk.

Affected Version(s)

Specto CM 0 < 17032025

References

https://www.usom.gov.tr/bildirim/tr-25-0480

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 24, 2025
Vulnerability Reserved
Mar 10, 2025

Credit

Saadet Elif TOKUOĞLU

Berk İMRAN

JSON