CVE-2023-39288 (mivoice_connect)

A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2304.102 could allow an authenticated attacker with elevated privileges and internal network access to conduct a command argument injection due to insufficient parameter sanitization. A successful exploit could allow an attacker to access network information and to generate excessive network traffic.

access argument command connect cve exploit information injection internal internal network mitel mivoice mobility network network access network traffic parameter privileges router traffic vulnerability