Path Traversal Vulnerability in Karel IP1211 IP Phone Web Management Panel
CVE-2025-34023

8.5HIGH

Key Information:

Vendor

Karel

Status
Karel Ip Phone Ip1211
Vendor
CVE Published:
20 June 2025

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2025-34023?

A path traversal vulnerability exists in the web management panel of the Karel IP1211 IP Phone. The vulnerability arises from the insufficient sanitization of user input in the /cgi-bin/cgiServer.exx endpoint. This flaw allows remote authenticated attackers to manipulate the page parameter with specially crafted path traversal sequences (e.g., ../../), granting them unauthorized access to arbitrary files on the system. This could lead to the exposure of sensitive information, such as configuration files and user credentials, compromising the security of the device and its network.

Affected Version(s)

Karel IP Phone IP1211 0

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2025-34023 - Proof of Concept

CVE-2025-34023 - Proof of Concept

References

https://web.archive.org/web/20201020023943/https://www.ka...
product
https://cxsecurity.com/issue/WLB-2020100038
third-party-advisoryexploit
https://www.exploit-db.com/exploits/48857
third-party-advisoryexploit

CVSS V4

Score:
8.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

Berat Gokberk Isler
.
CVE-2025-34023 : Path Traversal Vulnerability in Karel IP1211 IP Phone Web Management Panel