📦

restapps

Vendor: sangoma

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 2 Remote Access

Total CVEs 2 Total Indexed

Avg. EPSS 10.99% Exploit Prob.

Latest CVE CVE-2021-45461 Dec 22

Security Vulnerability Index

Page 1 / 1

9.8 CVSS

CVE-2021-45461

RCE

FreePBX, when restapps (aka Rest Phone Apps) 15.0.19.87, 15.0.19.88, 16.0.18.40, or 16.0.18.41 is installed, allows remote attackers to execute arbitrary code, as exploited in the wild in December 2021. The fixed versions are 15.0.20 and 16.0.19.

EPSS: 19.75%

Severity: CRITICAL

Dec 22, 2021

9.8 CVSS

CVE-2020-10666

RCE

The restapps (aka Rest Phone apps) module for Sangoma FreePBX and PBXact 13, 14, and 15 through 15.0.19.2 allows remote code execution via a URL variable to an AMI command.

EPSS: 2.24%

Severity: CRITICAL

May 31, 2021

Displaying 2 of 2 Total Entries

Total 1 Sections