← Zuruck zu CVEs
CVE-2021-45461
CRITICAL9.8
Beschreibung
FreePBX, when restapps (aka Rest Phone Apps) 15.0.19.87, 15.0.19.88, 16.0.18.40, or 16.0.18.41 is installed, allows remote attackers to execute arbitrary code, as exploited in the wild in December 2021. The fixed versions are 15.0.20 and 16.0.19.
CVE Details
CVSS v3.1 Bewertung9.8
SchweregradCRITICAL
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht12/22/2021
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
sangoma:freepbxsangoma:pbxactsangoma:restapps
Referenzen
https://community.freepbx.org/t/0-day-freepbx-exploit/80092(cve@mitre.org)
https://wiki.freepbx.org/display/FOP/2021-12-21+SECURITY%3A+Potential+Rest+Phone+Apps+RCE(cve@mitre.org)
https://community.freepbx.org/t/0-day-freepbx-exploit/80092(af854a3a-2127-422b-91ae-364da2661108)
https://community.freepbx.org/t/security-issue-potential-rest-phone-apps-rce/80109(af854a3a-2127-422b-91ae-364da2661108)
https://wiki.freepbx.org/display/FOP/2021-12-21+SECURITY%3A+Potential+Rest+Phone+Apps+RCE(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.