CVE-2025-47188

MEDIUM EXPLOITED NUCLEI

Mitel 6000 - OS Command Injection

Title source: nuclei

Exploitation Summary

CVE-2025-47188 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.

Description

A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones through 6.4 SP4 (R6.4.0.4006), and the 6970 Conference Unit through 6.4 SP4 (R6.4.0.4006) or version V1 R0.1.0, could allow an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sanitization. A successful exploit could allow an attacker to execute arbitrary commands within the context of the phone, leading to disclosure or modification of sensitive configuration data or affecting device availability and operation.

Nuclei Templates (1)

Mitel 6000 - OS Command Injection

CRITICALby matejsmycka

FOFA: icon_hash="-1940372141" || icon_hash="-447557905"

References (2)

Core 2

Core References

Various Sources

https://www.mitel.com/support/security-advisories

Various Sources

https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2025-0004

Scores

CVSS v3 6.5

EPSS 0.0455

EPSS Percentile 89.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

VulnCheck KEV 2025-07-21

CWE

CWE-77

Status published

Published Aug 07, 2025

Tracked Since Feb 18, 2026