Vulnerability Details CVE-2025-59818
This vulnerability allows authenticated attackers to execute arbitrary commands on the underlying system using the file name of an uploaded file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 31.9%
CVSS Severity
CVSS v3 Score 10.0
References
- https://wiki.zenitel.com/wiki/Turbine_9.3_-_Release_notes
- https://wiki.zenitel.com/wiki/VSF-Display_Series_9.3_Release_Notes
- https://wiki.zenitel.com/wiki/VSF-Fortitude6_9.3_Release_Notes
- https://wiki.zenitel.com/wiki/VSF-Fortitude8_9.3_Release_Notes
- https://wiki.zenitel.com/wiki/ZIPS_9.3_-_Release_notes
- https://www.zenitel.com/sites/default/files/2025-12/A100K12333%20Zenitel%20Security%20Advisory.pdf
Products affected by CVE-2025-59818
-
cpe:2.3:h:zenitel:tcis-3:-
-
cpe:2.3:o:zenitel:tcis-3_firmware:*