CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2021-45461

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1820%
EPSS Percentile5.02th
Published2021年12月22日
Last Modified2024年11月21日

Vulnerability Description

FreePBX, when restapps (aka Rest Phone Apps) 15.0.19.87, 15.0.19.88, 16.0.18.40, or 16.0.18.41 is installed, allows remote attackers to execute arbitrary code, as exploited in the wild in December 2021. The fixed versions are 15.0.20 and 16.0.19.

Affected Platforms (CPE)

📦
Sangoma

Restapps

= 15.0.19.87
📦
Sangoma

Restapps

= 15.0.19.88
📦
Sangoma

Restapps

= 16.0.18.40
📦
Sangoma

Restapps

= 16.0.18.41

References & Advisories

🔗 https://community.freepbx.org/t/0-day-freepbx-exploit/80092
🔗 https://community.freepbx.org/t/security-issue-potential-rest-phone-apps-rce/80109
🔗 https://wiki.freepbx.org/display/FOP/2021-12-21+SECURITY%3A+Potential+Rest+Phone+Apps+RCE
🔗 https://community.freepbx.org/t/0-day-freepbx-exploit/80092
🔗 https://community.freepbx.org/t/security-issue-potential-rest-phone-apps-rce/80109
🔗 https://wiki.freepbx.org/display/FOP/2021-12-21+SECURITY%3A+Potential+Rest+Phone+Apps+RCE

相關漏洞威脅

CVE-2020-106669.8

The restapps (aka Rest Phone apps) module for Sangoma FreePBX and PBXact 13, 14, and 15 through 15.0.19.2 allows remote code execu...

CVE-2024-74885.3

Integer Overflow or Wraparound, Improper Validation of Specified Quantity in Input vulnerability in RestApp Inc. Online Ordering S...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...