VYPR

Freepbx

by Freepbx

Source repositories

CVEs (46)

  • CVE-2026-46376CriMay 29, 2026
    risk 0.64cvss 9.8epss 0.00

    FreePBX is an open source IP PBX. From 15.0.42 to before 16.0.45 and 17.0.7, unauthenticated users may be able to access the User Control Panel (UCP) using hard-coded initial template credentials if these were not immediately changed by the Administrator who enabled UCP.…

  • CVE-2025-61675HigOct 14, 2025
    risk 0.59cvss epss 0.39

    FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. In versions prior to 16.0.92 for FreePBX 16 and versions prior to 17.0.6 for FreePBX 17, the Endpoint Manager module contains authenticated SQL injection vulnerabilities affecting multiple…

  • CVE-2026-44239HigMay 29, 2026
    risk 0.57cvss 8.8epss 0.00

    FreePBX is an open source IP PBX. Prior to 16.0.22 and 17.0.5, the Dashboard module's getcontent AJAX handler includes PHP files based on user-supplied input without path sanitization. The $_REQUEST['rawname'] parameter is concatenated into an include() call with a .class.php…

  • CVE-2026-44238HigMay 29, 2026
    risk 0.57cvss 8.8epss 0.00

    FreePBX is an open source IP PBX. Prior to 16.0.50 and 17.0.11, the CDR Reports module page allows SQL injection through the order and sort POST parameters. Authentication with a FreePBX Administration Control Panel account that has CDR section access is required. Full…

  • CVE-2023-26566HigMay 14, 2024
    risk 0.56cvss 8.6epss 0.01

    Sangoma FreePBX 1805 through 2203 on Linux contains hardcoded credentials for the Asterisk REST Interface (ARI), which allows remote attackers to reconfigure Asterisk and make external and internal calls via HTTP and WebSocket requests sent to the API.

  • CVE-2026-44237HigMay 29, 2026
    risk 0.53cvss 8.1epss 0.00

    FreePBX is an open source IP PBX. Prior to 17.0.8, the FreePBX api module's OAuth2 implementation does not sufficiently validate client credentials during token issuance. Knowledge of a valid client_id is required. The validateClient() method in ClientRepository.php…

  • CVE-2026-26978HigMay 18, 2026
    risk 0.49cvss epss 0.01

    FreePBX is an open source IP PBX. In versions below 16.0.71 and 17.0.6, the backup module does not properly sanitize data during restore operations, potentially leading to compromise if the backup contains carefully crafted hostile data. During backup restore operations, FreePBX…

  • CVE-2018-6393HigJan 29, 2018
    risk 0.47cvss 7.2epss 0.02

    FreePBX 10.13.66-32bit and 14.0.1.24 (SNG7-PBX-64bit-1712-2) allow post-authentication SQL injection via the order parameter. NOTE: the vendor disputes this issue because it is intentional that a user can "directly modify SQL tables ... [or] run shell scripts ... once ... logged…

  • CVE-2026-40520HigApr 21, 2026
    risk 0.40cvss 7.2epss 0.01

    FreePBX api module version 17.0.8 and prior contain a command injection vulnerability in the initiateGqlAPIProcess() function where GraphQL mutation input fields are passed directly to shell_exec() without sanitization or escaping. An authenticated user with a valid bearer token…

  • CVE-2025-55739MedSep 5, 2025
    risk 0.26cvss epss 0.01

    api is a module for FreePBX@, which is an open source GUI that controls and manages Asterisk© (PBX). In versions lower than 15.0.13, 16.0.2 through 16.0.14, 17.0.1 and 17.0.2, there is an identical OAuth private key used across multiple systems that installed the same FreePBX…

  • CVE-2025-55209MedSep 4, 2025
    risk 0.26cvss epss 0.00

    contactmanager is a module for FreePBX@, which is an open source GUI that controls and manages Asterisk© (PBX). In versions 15.0.14 and below, 16.0.0 through 16.0.26.4 and 17.0.0 through 17.0.5, a stored cross-site scripting (XSS) vulnerability in FreePBX allows a…

  • CVE-2025-57819KEVAug 28, 2025
    risk 0.21cvss epss 0.93

    FreePBX is an open-source web-based graphical user interface. FreePBX 15, 16, and 17 endpoints are vulnerable due to insufficiently sanitized user-supplied data allowing unauthenticated access to FreePBX Administrator leading to arbitrary database manipulation and remote code…

  • CVE-2019-19006KEVNov 21, 2019
    risk 0.14cvss epss 0.37

    Sangoma FreePBX 115.0.16.26 and below, 14.0.13.11 and below, 13.0.197.13 and below have Incorrect Access Control.

  • CVE-2012-4869Sep 6, 2012
    risk 0.09cvss epss 0.70

    The callme_startcall function in recordings/misc/callme_page.php in FreePBX 2.9, 2.10, and earlier allows remote attackers to execute arbitrary commands via the callmenum parameter in a c action.

  • CVE-2014-1903Feb 18, 2014
    risk 0.07cvss epss 0.52

    admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, 2.10 before 2.10.1.15, 2.11 before 2.11.0.23, and 12 before 12.0.1alpha22 does not restrict the set of functions accessible to the API handler, which allows remote attackers to execute arbitrary PHP code via the…

  • CVE-2010-3490Sep 28, 2010
    risk 0.04cvss epss 0.10

    Directory traversal vulnerability in page.recordings.php in the System Recordings component in the configuration interface in FreePBX 2.8.0 and earlier allows remote authenticated administrators to create arbitrary files via a .. (dot dot) in the usersnum parameter to…

  • CVE-2012-4870Sep 6, 2012
    risk 0.03cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) context parameter to panel/index_amp.php or (2) panel/dhtml/index.php; (3) clid or (4) clidname parameters to…

  • CVE-2009-4458Dec 30, 2009
    risk 0.03cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.5.2 and 2.6.0rc2, and possibly other versions, allow remote attackers to inject arbitrary web script or HTML via the (1) tech parameter to admin/admin/config.php during a trunks display action, the (2) description…

  • CVE-2007-2191Apr 24, 2007
    risk 0.03cvss epss 0.04

    Multiple cross-site scripting (XSS) vulnerabilities in freePBX 2.2.x allow remote attackers to inject arbitrary web script or HTML via the (1) From, (2) To, (3) Call-ID, (4) User-Agent, and unspecified other SIP protocol fields, which are stored in /var/log/asterisk/full and…

  • CVE-2006-7107Mar 3, 2007
    risk 0.03cvss epss 0.02

    PHP remote file inclusion vulnerability in upgrade.php in Coalescent Systems freePBX 2.1.3 allows remote attackers to execute arbitrary PHP code via a URL in the amp_conf[AMPWEBROOT] parameter.

Page 1 of 3