cvebase

FreePBX security-reporting vulnerabilities

9 known vulnerabilities affecting freepbx/security-reporting.

Total CVEs: 9
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 8

Vulnerabilities

CVE-2026-28287 | HIGH (CVSS 8.8) | priority P2 | CWE-78 | published 2026-03-05
Affected versions: >= 16.0.17.2, < 16.0.20; >= 17.0.2.4, < 17.0.5
FreePBX is an open source IP PBX. From versions 16.0.17.2 to before 16.0.20 and from version 17.0.2.4 to before 17.0.5, multiple command injection vulnerabilities exist in the recordings module. This issue has been patched in versions 16.0.20 and 17.0.5.
Source: NVD
CVE-2026-46376 | CRITICAL (CVSS 9.8) | priority P2 | CWE-798 | published 2026-05-29
Affected versions: >= 15.0.42, < 16.0.45; >= 17.0.1, < 17.0.7
FreePBX is an open source IP PBX. From 15.0.42 to before 16.0.45 and 17.0.7, unauthenticated users may be able to access the User Control Panel (UCP) using hard-coded initial template credentials if these were not immediately changed by the Administrator who enabled UCP. Authenticated access to ACP is required for the initial setup of UCP generic
Source: NVD
CVE-2026-26978 | HIGH (CVSS 8.6) | priority P2 | CWE-502 | published 2026-05-18
Affected versions: < 16.0.71 (fixed in 16.0.71); >= 17.0.0, < 17.0.6
FreePBX is an open source IP PBX. In versions below 16.0.71 and 17.0.6, the backup module does not properly sanitize data during restore operations, potentially leading to compromise if the backup contains carefully crafted hostile data. During backup restore operations, FreePBX extracts selected files from a user-supplied tar archive. If a malicious
Source: NVD
CVE-2026-44238 | HIGH (CVSS 8.8) | priority P2 | CWE-89 | published 2026-05-29
Affected versions: < 16.0.50 (fixed in 16.0.50); >= 17.0.1, < 17.0.11
FreePBX is an open source IP PBX. Prior to 16.0.50 and 17.0.11, the CDR Reports module page allows SQL injection through the order and sort POST parameters. Authentication with a FreePBX Administration Control Panel account that has CDR section access is required. Full administrator privileges are not needed. This vulnerability is fixed in 16.0.50 and
Source: NVD
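The ORDER BY shape the entry above describes (a user-controlled sort column and direction) cannot be fixed with bound parameters, because SQL identifiers are not bindable; the usual fix is an allowlist. The following is an added illustration of the vulnerable pattern next to that fix. It is not FreePBX's CDR module code, and the table and column names (cdr, calldate, src, dst, duration) and the request shape are assumptions made for the example.

```php
<?php
// Added example, not FreePBX code. Shows the CWE-89 pattern from the
// CVE-2026-44238 entry: request-controlled sort column and direction
// reaching an ORDER BY clause. Table and column names are hypothetical.

// Vulnerable shape: identifiers cannot be bound as PDO parameters, so the
// request values are concatenated and the caller controls the SQL text.
function buildOrderByUnsafe(array $post): string
{
    $sort  = $post['sort']  ?? 'calldate';
    $order = $post['order'] ?? 'DESC';
    return "SELECT * FROM cdr ORDER BY $sort $order";
}

// Hardened shape: map the request value onto a fixed allowlist of identifiers
// and normalise the direction to one of two literals. Anything not in the
// allowlist falls back to the default instead of being echoed into the query.
const SORTABLE_COLUMNS = [
    'calldate' => 'calldate',
    'src'      => 'src',
    'dst'      => 'dst',
    'duration' => 'duration',
];

function buildOrderBySafe(array $post): string
{
    $sortKey = (string)($post['sort'] ?? 'calldate');
    $column  = SORTABLE_COLUMNS[$sortKey] ?? 'calldate';
    $order   = strtoupper((string)($post['order'] ?? 'DESC')) === 'ASC' ? 'ASC' : 'DESC';
    return "SELECT * FROM cdr ORDER BY `$column` $order";
}

// Constructed request: a sort value that carries an injected subquery.
$hostile = ['sort' => 'calldate,(SELECT SLEEP(5))', 'order' => 'DESC'];

// The unsafe builder passes the subquery through verbatim; the safe builder
// does not recognise the key and sorts by the default column instead.
echo buildOrderByUnsafe($hostile), "\n";
echo buildOrderBySafe($hostile), "\n";
```

The mapping from request key to column name is deliberately explicit rather than a regex on the input: a regex that permits letters, digits and commas would still let a caller sort by columns the page never intended to expose, which is a data-disclosure problem even when it is not injection.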
CVE-2026-44239 | HIGH (CVSS 8.8) | priority P3 | CWE-98 | published 2026-05-29
Affected versions: < 16.0.22 (fixed in 16.0.22); >= 17.0.1, < 17.0.5
FreePBX is an open source IP PBX. Prior to 16.0.22 and 17.0.5, the Dashboard module's getcontent AJAX handler includes PHP files based on user-supplied input without path sanitization. The $_REQUEST['rawname'] parameter is concatenated into an include() call with a .class.php suffix, allowing path traversal via ../ sequences to include arbitrary .class
Source: NVD
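An added illustration of the include() pattern in the entry above, with a hardened form beside it. This is not the FreePBX Dashboard module's code: the MODULE_CLASS_DIR constant, the function names and the hostile rawname value are assumptions made for the example. The fixed .class.php suffix narrows what can be included, but it does not stop traversal: any readable file with that suffix anywhere on the filesystem, such as one an attacker was able to upload, is still a valid target.

```php
<?php
// Added example, not FreePBX code. Shows the CWE-98 pattern from the
// CVE-2026-44239 entry: a request parameter concatenated into include()
// with a fixed suffix. Directory and function names are hypothetical.

define('MODULE_CLASS_DIR', __DIR__ . '/classes');

// Vulnerable shape: "../" in $rawname walks out of MODULE_CLASS_DIR, so any
// readable file whose name ends in .class.php is executed as PHP.
function loadSectionUnsafe(string $rawname): void
{
    include MODULE_CLASS_DIR . '/' . $rawname . '.class.php';
}

// Hardened shape: accept only a plain identifier, then confirm the resolved
// path still lives under the class directory before including it. The second
// check is defence in depth; the first already rejects every traversal attempt.
function loadSectionSafe(string $rawname): bool
{
    if (!preg_match('/^[A-Za-z0-9_]+$/', $rawname)) {
        return false;
    }
    $path = realpath(MODULE_CLASS_DIR . '/' . $rawname . '.class.php');
    $base = realpath(MODULE_CLASS_DIR);
    if ($path === false || $base === false
        || strpos($path, $base . DIRECTORY_SEPARATOR) !== 0) {
        return false;
    }
    include $path;
    return true;
}

// Constructed hostile value: with the suffix appended it points at a file
// outside the class directory, which loadSectionSafe refuses to touch.
$hostile = '../../../../tmp/upload';
var_dump(loadSectionSafe($hostile));
```

realpath() also resolves symlinks, so a link planted inside the class directory that points elsewhere is caught by the prefix check as well; the identifier regex alone would not catch that case.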
CVE-2026-28284 | HIGH (CVSS 8.8) | priority P3 | CWE-89 | published 2026-03-05
Affected versions: < 16.0.10 (fixed in 16.0.10); < 17.0.5 (fixed in 17.0.5)
FreePBX is an open source IP PBX. Prior to versions 16.0.10 and 17.0.5, the FreePBX logfiles module contains several authenticated SQL injection vulnerabilities. This issue has been patched in versions 16.0.10 and 17.0.5.
Source: NVD
CVE-2026-28210 | HIGH (CVSS 8.8) | priority P3 | CWE-89 | published 2026-03-05
Affected versions: < 16.0.49 (fixed in 16.0.49); < 17.0.7 (fixed in 17.0.7)
FreePBX is an open source IP PBX. Prior to versions 16.0.49 and 17.0.7, the FreePBX module cdr (Call Data Record) is vulnerable to SQL query injection. This issue has been patched in versions 16.0.49 and 17.0.7.
Source: NVD
CVE-2026-44237 | HIGH (CVSS 8.1) | priority P3 | CWE-1390 | published 2026-05-29
Affected versions: < 17.0.8 (fixed in 17.0.8)
FreePBX is an open source IP PBX. Prior to 17.0.8, the FreePBX api module's OAuth2 implementation does not sufficiently validate client credentials during token issuance. Knowledge of a valid client_id is required. The validateClient() method in ClientRepository.php unconditionally returns true, allowing any party with knowledge of a valid client_id
Source: NVD
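The entry above describes a validateClient() that returns true for every caller, which turns the client_id (a public identifier, not a secret) into the only thing needed to obtain tokens. The following added example shows that shape next to a version that actually checks the secret. It is not FreePBX's ClientRepository.php; the method signature, the in-memory client store and the sample client are assumptions made for the example.

```php
<?php
// Added example, not FreePBX code. Shows the CWE-1390 pattern from the
// CVE-2026-44237 entry: a client-credential check that accepts everyone.
// Storage layout, class and method names are hypothetical.

// Vulnerable shape: the secret is never looked at, so knowing a client_id
// is sufficient to pass validation during token issuance.
class ClientRepositoryUnsafe
{
    public function validateClient(string $clientId, ?string $clientSecret, ?string $grantType): bool
    {
        return true;
    }
}

// Hardened shape: look the client up, require a secret for confidential
// clients, and compare it in constant time against a stored hash.
class ClientRepositorySafe
{
    /** @var array<string, array{secret_hash: string, confidential: bool}> */
    private array $clients;

    public function __construct(array $clients)
    {
        $this->clients = $clients;
    }

    public function validateClient(string $clientId, ?string $clientSecret, ?string $grantType): bool
    {
        if (!isset($this->clients[$clientId])) {
            return false;
        }
        $client = $this->clients[$clientId];
        if (!$client['confidential']) {
            // Public clients carry no secret and must be protected by other
            // means (PKCE, redirect URI checks); that is outside this example.
            return true;
        }
        if ($clientSecret === null || $clientSecret === '') {
            return false;
        }
        // password_verify() performs a constant-time comparison.
        return password_verify($clientSecret, $client['secret_hash']);
    }
}

// Constructed store with a single confidential client; the secret is only
// ever held as a hash, so a database read does not yield a usable credential.
$store = new ClientRepositorySafe([
    'dashboard-app' => [
        'secret_hash'  => password_hash('correct-horse-battery-staple', PASSWORD_DEFAULT),
        'confidential' => true,
    ],
]);

var_dump($store->validateClient('dashboard-app', 'correct-horse-battery-staple', 'client_credentials')); // genuine secret
var_dump($store->validateClient('dashboard-app', 'guess', 'client_credentials'));                        // wrong secret
var_dump($store->validateClient('dashboard-app', null, 'client_credentials'));                           // secret omitted
var_dump((new ClientRepositoryUnsafe())->validateClient('dashboard-app', null, 'client_credentials'));   // accepted regardless
```

When checking an installation rather than code, the practical test is whether a token request that supplies a valid client_id with a wrong or missing client_secret is refused; on an affected version it is not.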
CVE-2026-28209 | HIGH (CVSS 7.2) | priority P3 | CWE-78 | published 2026-03-05
Affected versions: >= 16.0.17.2, < 16.0.20; >= 17.0.2.4, < 17.0.5
FreePBX is an open source IP PBX. From versions 16.0.17.2 to before 16.0.20 and from version 17.0.2.4 to before 17.0.5, a command injection vulnerability exists in FreePBX when using the ElevenLabs Text-to-Speech (TTS) engine in the recordings module. This issue has been patched in versions 16.0.20 and 17.0.5.
Source: NVD