Sangoma Restapps vulnerabilities
2 known vulnerabilities affecting sangoma/restapps.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
1
Severity breakdown
CRITICAL2
Vulnerabilities
Page 1 of 1
CVE-2021-45461P1CRITICALCVSS 9.8Exploitedv15.0.19.87v15.0.19.88+2 more2021-12-22
CVE-2021-45461 [CRITICAL] CVE-2021-45461: FreePBX, when restapps (aka Rest Phone Apps) 15.0.19.87, 15.0.19.88, 16.0.18.40, or 16.0.18.41 is in
FreePBX, when restapps (aka Rest Phone Apps) 15.0.19.87, 15.0.19.88, 16.0.18.40, or 16.0.18.41 is installed, allows remote attackers to execute arbitrary code, as exploited in the wild in December 2021. The fixed versions are 15.0.20 and 16.0.19.
nvd
CVE-2020-10666P2CRITICALCVSS 9.8≥ 13.0, ≤ 13.0.93.2≥ 14.0, ≤ 14.0.22.2+1 more2021-05-31
CVE-2020-10666 [CRITICAL] CWE-77 CVE-2020-10666: The restapps (aka Rest Phone apps) module for Sangoma FreePBX and PBXact 13, 14, and 15 through 15.0
The restapps (aka Rest Phone apps) module for Sangoma FreePBX and PBXact 13, 14, and 15 through 15.0.19.2 allows remote code execution via a URL variable to an AMI command.
nvd