THREATOPS
THREAT OPSThreat News › Cisco Unity Connection Arbitrary File Download Vulnerabilities

Cisco Unity Connection Arbitrary File Download Vulnerabilities

lowcisco_psirtPublished 2026-04-15

<p>Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker&nbsp;to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials.&nbsp;</p> <p>These vulnerabilities are due to improper sanitization of user input to the web-based management interface. An attacker could exploit thes

MITRE ATT&CK techniques

Indicators of compromise

Original source: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unity-file-download-RmKEVWPx?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Unity%20Connection%20Arbitrary%20File%20Download%20Vulnerabilities%26vs_k=1