FreeSWITCH RCE Vulnerability

FreeSWITCH is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

FreeSWITCH mod_event_socket Service Detection

A FreeSWITCH modeventsocket service is running at this host. modeventsocket is a TCP-based interface to control FreeSWITCH. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

FreeSWITCH Default Password (mod_event_socket)

FreeSWITCH is using a known default password in the modeventsocket component. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

CVE-2019-19492

FreeSWITCH 1.6.10 through 1.10.1 has a default password in eventsocket.conf.xml...

CVE-2019-19492

FreeSWITCH 1.6.10 through 1.10.1 has a default password in eventsocket.conf.xml...

CVE-2019-19492

FreeSWITCH 1.6.10 through 1.10.1 has a default password in eventsocket.conf.xml...

Default credentials

FreeSWITCH 1.6.10 through 1.10.1 has a default password in eventsocket.conf.xml...

CVE-2019-19492

CVE-2019-19492 affects FreeSWITCH 1.6.10–1.10.1, where a default password in event_socket.conf.xml creates a hard-coded credential in the SIP/event_socket handling. This could allow unauthorized access or elevation of privileges to internal data or control paths, per Red Hat and NVD entries. No e...

CVE-2019-19492

FreeSWITCH 1.6.10 through 1.10.1 has a default password in eventsocket.conf.xml...

FreeSWITCH - Event Socket Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FreeSWITCH Event Socket Command Execution', 'Description' = %q This module uses the FreeSWITCH event socket interface to execute system commands...

FreeSWITCH Event Socket Command Execution Exploit

This Metasploit module uses the FreeSWITCH event socket interface to execute system commands using the system API command. The event socket service is enabled by default and listens on TCP port 8021 on the local network interface. This module has been tested successfully on FreeSWITCH versions:...

FusionPBX Operator Panel (exec.php) Command Execution Exploit

This Metasploit module exploits an authenticated command injection vulnerability in FusionPBX versions 4.4.3 and prior. The exec.php file within the Operator Panel permits users with operatorpanelview permissions, or administrator permissions, to execute arbitrary commands as the web server user ...

FreeSWITCH Event Socket Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FreeSWITCH Event Socket Command Execution', 'Description' = %q This module uses the FreeSWITCH event socket interface to execute system commands...

FusionPBX Operator Panel exec.php Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FusionPBX Operator Panel exec.php Command Execution', 'Description' = %q This module exploits an authenticated command injection vulnerability in...

CVE-2019-19492

creationtimestamp| type| source ---|---|--- 2019-11-13 17:44:06+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/misc/freeswitcheventsocketcmdexec.rb 2024-03-05 14:46:26+00:00| seen| https://t.me/ctinow/200288 2025-10-23 21:12:58+00:00| seen|...

FreeSWITCH Event Socket Command Execution

This module uses the FreeSWITCH event socket interface to execute system commands using the system API command. The event socket service is enabled by default and listens on TCP port 8021 on the local network interface. This module has been tested successfully on FreeSWITCH versions:...

FusionPBX Operator Panel exec.php Command Execution

This module exploits an authenticated command injection vulnerability in FusionPBX versions 4.4.3 and prior. The exec.php file within the Operator Panel permits users with operatorpanelview permissions, or administrator permissions, to execute arbitrary commands as the web server user by sending ...

Cross site request forgery (csrf)

FreeSWITCH through 1.8.2, when modxmlrpc is enabled, allows remote attackers to execute arbitrary commands via the api/system or txtapi/system or api/bgsystem or txtapi/bgsystem query string on TCP port 8080, as demonstrated by an api/system?calc URI. This can also be exploited via CSRF...

CVE-2018-19911

FreeSWITCH through 1.8.2, when modxmlrpc is enabled, allows remote attackers to execute arbitrary commands via the api/system or txtapi/system or api/bgsystem or txtapi/bgsystem query string on TCP port 8080, as demonstrated by an api/system?calc URI. This can also be exploited via CSRF...

CVE-2018-19911

FreeSWITCH through 1.8.2, when modxmlrpc is enabled, allows remote attackers to execute arbitrary commands via the api/system or txtapi/system or api/bgsystem or txtapi/bgsystem query string on TCP port 8080, as demonstrated by an api/system?calc URI. This can also be exploited via CSRF...