Vulnerability Database

290,301

Total vulnerabilities in the database

CVE-2021-45461

FreePBX, when restapps (aka Rest Phone Apps) 15.0.19.87, 15.0.19.88, 16.0.18.40, or 16.0.18.41 is installed, allows remote attackers to execute arbitrary code, as exploited in the wild in December 2021. The fixed versions are 15.0.20 and 16.0.19.

  • Published: Dec 22, 2021
  • Updated: Apr 14, 2023
  • CVE: CVE-2021-45461
  • Severity: Critical
  • Exploit:

CVSS v3:

  • Severity: Critical
  • Score: 9.8
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
sangoma / restapps 15.0.19.87 15.0.19.87.x
sangoma / restapps 15.0.19.88 15.0.19.88.x
sangoma / restapps 16.0.18.40 16.0.18.40.x
sangoma / restapps 16.0.18.41 16.0.18.41.x