A vulnerability classified as critical has been found in Mitel 6869i 4.5.0.41. Affected is an unknown function of the file upgrade.html of the component Manual Firmware Update Handler. The manipulation of the argument username/path leads to command injection.
This vulnerability is traded as CVE-2024-37570. The attack needs to be approached within the local network. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.