CVE-2025-2494

Unrestricted file upload to Softdial Contact Center of Sytel Ltd. This vulnerability could allow an attacker to upload files to the server via the ‘/softdial/phpconsole/upload.php’ endpoint, which is protected by basic HTTP authentication. The files are uploaded to a directory exposed by the web application, which could result in code execution, giving the attacker full control over the server.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-softdial-contact-center	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:sytel:softdial_contact_center:-:*:*:*:*:*:*:*

History

21 Oct 2025, 14:48

Type	Values Removed	Values Added
CPE		cpe:2.3:a:sytel:softdial_contact_center:-:::::::*
References	~~() https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-softdial-contact-center -~~	() https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-softdial-contact-center - Third Party Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 9.8
Summary		(es) Subida de archivos sin restricciones al Centro de Contacto Softdial de Sytel Ltd. Esta vulnerabilidad podría permitir a un atacante subir archivos al servidor a través del endpoint '/softdial/phpconsole/upload.php', protegido por autenticación HTTP básica. Los archivos se suben a un directorio expuesto por la aplicación web, lo que podría provocar la ejecución de código, otorgando al atacante control total sobre el servidor.
First Time		Sytel softdial Contact Center Sytel

18 Mar 2025, 12:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-03-18 12:15

Updated : 2025-10-21 14:48

NVD link : CVE-2025-2494

Mitre link : CVE-2025-2494

CVE.ORG link : CVE-2025-2494

JSON object : View

Products Affected

sytel

softdial_contact_center

CWE

CWE-434

Unrestricted Upload of File with Dangerous Type

{"id": "CVE-2025-2494", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}], "cvssMetricV40": [{"type": "Secondary", "source": "cve-coordination@incibe.es", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.7, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-03-18T12:15:16.090", "references": [{"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-softdial-contact-center", "tags": ["Third Party Advisory"], "source": "cve-coordination@incibe.es"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "cve-coordination@incibe.es", "description": [{"lang": "en", "value": "CWE-434"}]}], "descriptions": [{"lang": "en", "value": "Unrestricted file upload to Softdial Contact Center of Sytel Ltd. This vulnerability could allow an attacker to upload files to the server via the \u2018/softdial/phpconsole/upload.php\u2019 endpoint, which is protected by basic HTTP authentication. The files are uploaded to a directory exposed by the web application, which could result in code execution, giving the attacker full control over the server."}, {"lang": "es", "value": "Subida de archivos sin restricciones al Centro de Contacto Softdial de Sytel Ltd. Esta vulnerabilidad podr\u00eda permitir a un atacante subir archivos al servidor a trav\u00e9s del endpoint '/softdial/phpconsole/upload.php', protegido por autenticaci\u00f3n HTTP b\u00e1sica. Los archivos se suben a un directorio expuesto por la aplicaci\u00f3n web, lo que podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo, otorgando al atacante control total sobre el servidor."}], "lastModified": "2025-10-21T14:48:39.507", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sytel:softdial_contact_center:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7198E5C1-58CE-41C7-8ED5-A20168DC63BC"}], "operator": "OR"}]}], "sourceIdentifier": "cve-coordination@incibe.es"}