Directory Traversal Vulnerability in Mitel MiCollab SAS Admin Portal
CVE-2021-27402 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
The SAS Admin portal of Mitel MiCollab before 9.2 FP2 could allow an unauthenticated attacker to access (view and modify) user data by injecting arbitrary directory paths due to improper URL validation, aka Directory Traversal.
Learn more about our User Device Pen Test.