In Audiocodes Mediapack MP-11x through 6.60A.369.002, a crafted POST request request may result in an unauthenticated remote user's ability to execute unauthorized code.
https://github.com/austin2111/papers/blob/main/CVE-2025-32105_CVE-2025-32106_Technical_Report.pdf