Threat Intelligence / CVE / CVE-2021-45461

CVE-2021-45461

CVSS 9.8 (CRITICAL) · EPSS 3.0% · Published 2021-12-22

FreePBX, when restapps (aka Rest Phone Apps) 15.0.19.87, 15.0.19.88, 16.0.18.40, or 16.0.18.41 is installed, allows remote attackers to execute arbitrary code, as exploited in the wild in December 2021. The fixed versions are 15.0.20 and 16.0.19.

CVSS v3 vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

NVD-CWE-noinfo

Threats tracking this CVE

Sangoma FreePBX Authentication Bypass & Command Injection - CISA KEV — CRITICAL

References

https://community.freepbx.org/t/0-day-freepbx-exploit/80092
https://community.freepbx.org/t/security-issue-potential-rest-phone-apps-rce/80109
https://wiki.freepbx.org/display/FOP/2021-12-21+SECURITY%3A+Potential+Rest+Phone+Apps+RCE
https://community.freepbx.org/t/0-day-freepbx-exploit/80092
https://community.freepbx.org/t/security-issue-potential-rest-phone-apps-rce/80109
https://wiki.freepbx.org/display/FOP/2021-12-21+SECURITY%3A+Potential+Rest+Phone+Apps+RCE

Full detection coverage & IOCs for threats exploiting CVE-2021-45461 are available via the Threadlinqs MCP server (Purple tier). View plans →

Markdown version · Threadlinqs Intelligence