Security Reporting
Monthly
SQL injection in FreePBX CDR Reports module prior to versions 16.0.50 and 17.0.11 allows authenticated users with CDR section access to execute arbitrary SQL queries via the order and sort POST parameters. The flaw requires a valid Administration Control Panel account but not full administrator privileges, and at the time of analysis there is no public exploit identified and the issue is not listed in CISA KEV. The CVSS 4.0 score of 8.5 reflects high confidentiality and integrity impact against the call detail records database.
Authentication bypass in FreePBX User Control Panel (UCP) versions 15.0.42 through 16.0.44 and 17.0.0 through 17.0.6 allows remote unauthenticated attackers to access UCP accounts using hard-coded initial template credentials when administrators fail to rotate them after enabling the feature. With a CVSS 4.0 score of 9.3 and CWE-798 (Use of Hard-coded Credentials), the flaw exposes high-confidentiality and high-integrity impact to the affected component, though no public exploit identified at time of analysis.
SQL injection in FreePBX CDR Reports module prior to versions 16.0.50 and 17.0.11 allows authenticated users with CDR section access to execute arbitrary SQL queries via the order and sort POST parameters. The flaw requires a valid Administration Control Panel account but not full administrator privileges, and at the time of analysis there is no public exploit identified and the issue is not listed in CISA KEV. The CVSS 4.0 score of 8.5 reflects high confidentiality and integrity impact against the call detail records database.
Authentication bypass in FreePBX User Control Panel (UCP) versions 15.0.42 through 16.0.44 and 17.0.0 through 17.0.6 allows remote unauthenticated attackers to access UCP accounts using hard-coded initial template credentials when administrators fail to rotate them after enabling the feature. With a CVSS 4.0 score of 9.3 and CWE-798 (Use of Hard-coded Credentials), the flaw exposes high-confidentiality and high-integrity impact to the affected component, though no public exploit identified at time of analysis.