CVE-2025-2493 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Path Traversal vulnerability in Softdial Contact Center of Sytel Ltd. This vulnerability allows an attacker to manipulate the ‘id’ parameter of the ‘/softdial/s…
High CVSS: 8.7

CVE-2025-2493

Path Traversal vulnerability in Softdial Contact Center of Sytel Ltd. This vulnerability allows an attacker to manipulate the ‘id’ parameter of the ‘/softdial/scheduler/load.php’ endpoint to navigate beyond the intended directory. This can allow unauthorised access to sensitive files outside the expected scope, posing a security risk.
Vendor
Sytel
Product
Softdial Contact Center
CWE
CWE-22
Yayın Tarihi
2025-03-18 12:15:15
Güncelleme
2025-10-21 14:48:52
Source Identifier
cve-coordination@incibe.es
KEV Date Added
-

Kategoriler

CWE-22 Softdial Contact Center HIGH Sytel 2025

Referanslar

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-softdial-contact-center