4.5.0.41

DATE	CVE	VULNERABILITY TITLE	RISK
2024-06-09	CVE-2024-37570	Command Injection vulnerability in Mitel 6869I SIP Firmware 4.5.0.41 On Mitel 6869i 4.5.0.41 devices, the Manual Firmware Update (upgrade.html) page does not perform sanitization on the username and path parameters (sent by an authenticated user) before appending flags to the busybox ftpget command. network low complexity mitel CWE-77	8.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.