Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 contain a vulnerability in the TP-240 component caused by improper handling, letting remote attackers obtain sensitive information and cause denial of service, exploit requires remote access.
PoC代码[已公开]
id: CVE-2022-26143
info:
name: Mitel MiCollab - Information Disclosure & Denial of Service
author: theamanrawat
severity: critical
description: |
Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 contain a vulnerability in the TP-240 component caused by improper handling, letting remote attackers obtain sensitive information and cause denial of service, exploit requires remote access.
impact: |
Attackers can retrieve sensitive information and cause performance degradation or denial of service, including DDoS attacks.
remediation: |
Update to version 9.4 SP1 FP1 or later for MiCollab, and latest version for MiVoice Business Express.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2022-26143
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2022-26143
epss-score: 0.79329
epss-percentile: 0.99023
cwe-id: CWE-306
cpe: cpe:2.3:a:mitel:micollab:9.4:-:*:*:*:-:*:*
metadata:
verified: true
shodan-query: html:"MiCollab End User Portal"
max-request: 1
tags: cve,cve2025,mitel,micollab,kev,passive,vkev
http:
- raw:
- |
GET /ucs/micollab/version.json HTTP/1.1
Host: {{Hostname}}
matchers:
- type: dsl
dsl:
- 'status_code == 200'
- 'contains(body, "\"version\":")'
- 'contains(content_type, "text/plain")'
- 'compare_versions(version ,"< 9.4.0")'
condition: and
extractors:
- type: regex
name: version
group: 1
regex:
- '{"version":"([0-9.]+)"}'
# digest: 4b0a00483046022100b7a2c2ff0211e2f33b9abb53cf0c577afbf764f75265ac9b28dd05f9244f9f27022100c111cdd8f7de153ac180bf31f09a04f3c004644d8218b2a63505e1788e2dc7bd:922c64590222798bb761d5b6d8e72950