CVE-2025-1041 – Avaya Call Management System Remote Command Injection

CVE ID : CVE-2025-1041

Published : June 10, 2025, 6:15 a.m. | 44 minutes ago

Description : An improper input validation discovered in

Avaya Call Management System
could allow an unauthorized

remote command via a specially crafted web request. Affected versions include 18.x, 19.x prior to 19.2.0.7, and 20.x prior to 20.0.1.0.

Severity: 9.9 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…