Directory Traversal in the web interface of the Tiptel IP 286 with firmware version 2.61.13.10 allows attackers to overwrite arbitrary files on the phone via the Ringtone upload function.Referenceshttp://tiptel.comhttps://www.bdosecurity.de/en-gb/advisories/cve-2024-33109