CVE-2025-34335 | AudioCodes Fax Server/Auto-Attendant IVR up to 2.6.23 License Upload Interface ActivateLicense.php os command injection

A vulnerability was found in AudioCodes Fax Server and Auto-Attendant IVR up to 2.6.23 and classified as critical. The impacted element is an unknown function of the file AudioCodes_files/ActivateLicense.php of the component License Upload Interface. Such manipulation leads to os command injection. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is documented as CVE-2025-34335. The attack can be executed remotely. There is not any exploit available.VulDB Recent EntriesRead More