VYPR

Session Border Controller

by Freepbx

CVEs (2)

  • CVE-2019-12148CriOct 22, 2019
    risk 0.64cvss 9.8epss 0.04

    The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web interface is vulnerable to an authentication bypass via an argument injection vulnerability involving special characters in the username field. Upon successful exploitation, a remote unauthenticated user can login…

  • CVE-2019-12147CriOct 22, 2019
    risk 0.64cvss 9.8epss 0.03

    The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web interface is vulnerable to Argument Injection via special characters in the username field. Upon successful exploitation, a remote unauthenticated user can create a local system user with sudo privileges, and use that…