Path Traversal Vulnerability in Mitel OpenScape Xpressions
CVE-2025-48026

7.5HIGH

Key Information:

Vendor: Mitel
Status: OpenScape Xpressions
Vendor: CVE Published:; 23 June 2025

What is CVE-2025-48026?

A vulnerability has been identified in the WebApl component of Mitel OpenScape Xpressions, which could allow an unauthenticated attacker to exploit a path traversal flaw. Due to inadequate input validation, an attacker may gain unauthorized access to the underlying operating system files, potentially leading to the exposure of sensitive information. Users are advised to review their security measures and apply recommended patches to mitigate this risk.

References

https://www.mitel.com/support/security-advisories

https://www.mitel.com/support/mitel-product-security-advi...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 23, 2025
Vulnerability Reserved
May 15, 2025

JSON