5 matches found
EUVD-2023-30362
Malicious code in bioql PyPI...
CVE-2023-26567
Sangoma FreePBX 1805 through 2302 when obtained as a ,.ISO file places AMPDBUSER, AMPDBPASS, AMPMGRUSER, and AMPMGRPASS in the list of global variables. This exposes cleartext authentication credentials for the Asterisk Database MariaDB/MySQL and Asterisk Manager Interface. For example, an attack...
CVE-2023-26567
Sangoma FreePBX 1805 through 2302 when obtained as a ,.ISO file places AMPDBUSER, AMPDBPASS, AMPMGRUSER, and AMPMGRPASS in the list of global variables. This exposes cleartext authentication credentials for the Asterisk Database MariaDB/MySQL and Asterisk Manager Interface. For example, an attack...
CVE-2023-26567
Sangoma FreePBX versions 1805–2302 (ISO install) expose plaintext credentials by placing AMPDBUSER, AMPDBPASS, AMPMGRUSER, and AMPMGRPASS in the Asterisk Global Variables list. The issue enables retrieval of credentials for the Asterisk Database (MariaDB/MySQL) and Asterisk Manager Interface via ...
CVE-2023-26567
Sangoma FreePBX 1805 through 2302 when obtained as a ,.ISO file places AMPDBUSER, AMPDBPASS, AMPMGRUSER, and AMPMGRPASS in the list of global variables. This exposes cleartext authentication credentials for the Asterisk Database MariaDB/MySQL and Asterisk Manager Interface. For example, an attack...