7 matches found

BDU FSTEC
added 2022/07/20 12:0 a.m. | 10 views

A vulnerability in the Rest Phone Apps web interface for controlling IP telephony systems, FreePBX, allows an intruder to execute arbitrary code.

The vulnerability in the Rest Phone Apps web interface for controlling IP telephony systems like FreePBX lies in the ability to inject code into URLs. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS 10 | AI score 8.5 | EPSS 0.21657
Exploits: 1 | References: 5 | Affected Software: 1
ATTACKERKB
added 2021/12/22 7:15 p.m. | 142 views

CVE-2021-45461

FreePBX, when restapps aka Rest Phone Apps 15.0.19.87, 15.0.19.88, 16.0.18.40, or 16.0.18.41 is installed, allows remote attackers to execute arbitrary code, as exploited in the wild in December 2021. The fixed versions are 15.0.20 and 16.0.19...

CVSS 9.8 | AI score 7.8 | EPSS 0.21657
In wild | Exploits: 1 | References: 4
NVD
added 2021/12/22 7:15 p.m. | 17 views

CVE-2021-45461

FreePBX, when restapps aka Rest Phone Apps 15.0.19.87, 15.0.19.88, 16.0.18.40, or 16.0.18.41 is installed, allows remote attackers to execute arbitrary code, as exploited in the wild in December 2021. The fixed versions are 15.0.20 and 16.0.19...

CVSS 9.8 | EPSS 0.21657
Exploits: 1 | References: 3
Prion
added 2021/12/22 7:15 p.m. | 18 views

Design/Logic Flaw

FreePBX, when restapps aka Rest Phone Apps 15.0.19.87, 15.0.19.88, 16.0.18.40, or 16.0.18.41 is installed, allows remote attackers to execute arbitrary code, as exploited in the wild in December 2021. The fixed versions are 15.0.20 and 16.0.19...

CVSS 7.5 | AI score 9.7 | EPSS 0.21657
Exploits: 1 | References: 3 | Affected Software: 1
CVE
added 2021/12/22 6:25 p.m. | 246 views

CVE-2021-45461

CVE-2021-45461 affects FreePBX with restapps (aka Rest Phone Apps) versions 15.0.19.87–15.0.19.88 and 16.0.18.40–16.0.18.41. The vulnerability allows remote attackers to execute arbitrary code. It was exploited in the wild in December 2021. The fixed releases are 15.0.20 and 16.0.19. Remediation:...

CVSS 9.8 | AI score 9.7 | EPSS 0.21657
In wild | Exploits: 1 | References: 3 | Affected Software: 1
Positive Technologies
added 2021/12/22 12:0 a.m. | 6 views

PT-2021-7259

Name of the Vulnerable Software and Affected Versions: FreePBX versions 15.0.19.87 through 15.0.19.88; FreePBX versions 16.0.18.40 through 16.0.18.41. Description: The issue allows remote attackers to execute arbitrary code. This has been exploited in the wild, with reports of attacks starting in...

CVSS 10 | AI score 6.3 | EPSS 0.21657
Exploits: 1 | References: 11
CVE
added 2021/05/31 11:40 a.m. | 67 views

CVE-2020-10666

The Restapps (Rest Phone apps) module in Sangoma FreePBX and PBXact (versions 13–15 up to 15.0.19.2) is vulnerable to remote code execution via a URL variable to an AMI command. Root cause is a flaw in Restapps’ handling of AMI commands that allows injection. Impact per sources is high (remote, n...

CVSS 9.8 | AI score 9.7 | EPSS 0.02237
Exploits: 0 | References: 2 | Affected Software: 1