PoC exploit chains Mitel MiCollab 0-day, auth-bypass bug to access sensitive files

Still unpatched 100+ days later, watchTowr says

A zero-day arbitrary file read vulnerability in Mitel MiCollab can be chained with a now-patched critical bug in the same platform to give attackers access to sensitive files on vulnerable instances. …