Unrated severityNVD Advisory· Published Mar 31, 2025· Updated Dec 27, 2025
Xorcom CompletePBX <= 5.2.35 Authenticated File Disclosure
CVE-2025-2292
Description
Xorcom CompletePBX is vulnerable to an authenticated path traversal, allowing for arbitrary file reads via the Backup and Restore functionality.This issue affects CompletePBX: through 5.2.35.
Affected products
1- Range: 0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- vulncheck.com/advisories/completepbx-file-disclosuremitrethird-party-advisory
- www.xorcom.com/new-completepbx-release-5-2-36-1/mitrevendor-advisory
News mentions
0No linked articles in our index yet.