CVE-2025-52913

CRITICAL

Mitel MiCollab <9.8.2.12 - Path Traversal

Title source: llm

Description

A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8 SP2 (9.8.2.12) could allow an unauthenticated attacker to conduct a path traversal attack due to insufficient input validation. A successful exploit could allow unauthorized access, enabling the attacker to view, corrupt, or delete users' data and system configurations.

Exploits (1)

nomisec SCANNER
by pgaSUS99 · poc
https://github.com/pgaSUS99/PoC-CVE-2025-52913

References (2)

Scores

CVSS v3 9.8
EPSS 0.0063
EPSS Percentile 70.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-22
Status published
Published Aug 08, 2025
Tracked Since Feb 18, 2026