Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sangoma vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2019-15297
res_pjsip_t38 in Sangoma Asterisk 15.x prior to 15.7.4 and 16.x prior to 16.5.1 allows an malicious user to trigger a crash by sending a declined stream in a response to a T.38 re-invite initiated by Asterisk. The crash occurs because of a NULL session media object dereference.
Digium Asterisk
7.5
CVSSv3
CVE-2019-15639
main/translate.c in Sangoma Asterisk 13.28.0 and 16.5.0 allows a remote malicious user to send a specific RTP packet during a call and cause a crash in a specific scenario.
Digium Asterisk
4.8
CVSSv3
CVE-2018-15891
An issue exists in FreePBX core prior to 3.0.122.43, 14.0.18.34, and 5.0.1beta4. By crafting a request for adding Asterisk modules, an attacker is able to store JavaScript commands in a module name.
Sangoma Freepbx 15.0.1
Freepbx Freepbx 15.0.1
Sangoma Freepbx
7.2
CVSSv3
CVE-2018-6393
FreePBX 10.13.66-32bit and 14.0.1.24 (SNG7-PBX-64bit-1712-2) allow post-authentication SQL injection via the order parameter. NOTE: the vendor disputes this issue because it is intentional that a user can "directly modify SQL tables ... [or] run shell scripts ... once ... lo...
Sangoma Freepbx 10.13.66
Sangoma Freepbx 14.0.1.24
9.8
CVSSv3
CVE-2017-17430
Sangoma NetBorder / Vega Session Controller prior to 2.3.12-80-GA allows remote malicious users to execute arbitrary commands via the web interface.
Sangoma Netborder\\/vega Session Firmware 2.3.11-78-ga
NA
CVE-2014-7235
htdocs_ari/includes/login.php in the ARI Framework module/Asterisk Recording Interface (ARI) in FreePBX prior to 2.9.0.9, 2.10.x, and 2.11 prior to 2.11.1.5 allows remote malicious users to execute arbitrary code via the ari_auth cookie, related to the PHP unserialize function, a...
Freepbx Freepbx 2.10.0.5
Freepbx Freepbx 2.10.0.6
Sangoma Freepbx 2.11.0.2
Sangoma Freepbx 2.11.0.3
Freepbx Freepbx 2.10.0.1
Freepbx Freepbx 2.10.0.2
Freepbx Freepbx 2.10.0.9
Freepbx Freepbx 2.10.0.10
Freepbx Freepbx 2.11.1.1
Freepbx Freepbx 2.11.1.2
Sangoma Freepbx
Freepbx Freepbx 2.10.0.0
Freepbx Freepbx 2.10.0.7
Freepbx Freepbx 2.10.0.8
Sangoma Freepbx 2.11.0.4
Freepbx Freepbx 2.11.1.0
Freepbx Freepbx 2.10.0.3
Freepbx Freepbx 2.10.0.4
Sangoma Freepbx 2.11.0.0
Sangoma Freepbx 2.11.0.1
Freepbx Freepbx 2.11.1.3
Freepbx Freepbx 2.11.1.4
1 EDB exploit
NA
CVE-2014-1903
admin/libraries/view.functions.php in FreePBX 2.9 prior to 2.9.0.14, 2.10 prior to 2.10.1.15, 2.11 prior to 2.11.0.23, and 12 prior to 12.0.1alpha22 does not restrict the set of functions accessible to the API handler, which allows remote malicious users to execute arbitrary PHP ...
Freepbx Freepbx 2.11
Freepbx Freepbx 2.10
Sangoma Freepbx 2.9
Freepbx Freepbx 2.12
2 EDB exploits
NA
CVE-2012-4869
The callme_startcall function in recordings/misc/callme_page.php in FreePBX 2.9, 2.10, and previous versions allows remote malicious users to execute arbitrary commands via the callmenum parameter in a c action.
Sangoma Freepbx 2.9
Sangoma Freepbx
3 EDB exploits
3 Github repositories
NA
CVE-2012-4870
Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.9 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) context parameter to panel/index_amp.php or (2) panel/dhtml/index.php; (3) clid or (4) clidname parameters to p...
Sangoma Freepbx
1 EDB exploit
NA
CVE-2010-3490
Directory traversal vulnerability in page.recordings.php in the System Recordings component in the configuration interface in FreePBX 2.8.0 and previous versions allows remote authenticated administrators to create arbitrary files via a .. (dot dot) in the usersnum parameter to a...
Sangoma Freepbx
1 EDB exploit
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »