Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.8
CVE-2025-2155: Specto CM Allows Malicious Files to Execute Remote Code
CVE-2025-2155
Summary
A security issue in Specto CM allows attackers to upload malicious files, which can be executed remotely. This can lead to unauthorized access and potentially serious consequences. Update to a fixed version of Specto CM to protect your system.
Original title
Unrestricted Upload of File with Dangerous Type vulnerability in Echo Call Center Services Trade and Industry Inc. Specto CM allows Remote Code Inclusion.
This issue affects Specto CM: before 1703...
Original description
Unrestricted Upload of File with Dangerous Type vulnerability in Echo Call Center Services Trade and Industry Inc. Specto CM allows Remote Code Inclusion.
This issue affects Specto CM: before 17032025.
This issue affects Specto CM: before 17032025.
nvd CVSS3.1
8.8
Vulnerability type
CWE-434
Unrestricted File Upload
Published: 24 Dec 2025 · Updated: 15 Jun 2026 · First seen: 7 Mar 2026