Freeswitch

Freeswitch

12 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.9

CVE-2023-51443

Exploit
  • EPSS 0.62%
  • Veröffentlicht 27.12.2023 17:15:08
  • Zuletzt bearbeitet 04.11.2025 19:16:21

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.11, when handling DTLS-SRTP for media setup, ...

7.5

CVE-2023-40018

  • EPSS 0.55%
  • Veröffentlicht 15.09.2023 20:15:09
  • Zuletzt bearbeitet 21.11.2024 08:18:31

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.10, FreeSWITCH allows remote users to trigger...

6.5

CVE-2023-40019

Exploit
  • EPSS 0.23%
  • Veröffentlicht 15.09.2023 20:15:09
  • Zuletzt bearbeitet 21.11.2024 08:18:31

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.10, FreeSWITCH allows authorized users to cau...

7.5

CVE-2021-41158

Exploit
  • EPSS 0.36%
  • Veröffentlicht 26.10.2021 14:15:08
  • Zuletzt bearbeitet 21.11.2024 06:25:37

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.7, an attacker can perform a SIP digest leak ...

5

CVE-2021-41157

Exploit
  • EPSS 0.35%
  • Veröffentlicht 26.10.2021 14:15:07
  • Zuletzt bearbeitet 21.11.2024 06:25:37

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. By default, SIP requests of the type SUBSCRIBE are not authenticate...

5

CVE-2021-41105

Exploit
  • EPSS 4.42%
  • Veröffentlicht 25.10.2021 22:15:07
  • Zuletzt bearbeitet 21.11.2024 06:25:28

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. When handling SRTP calls, FreeSWITCH prior to version 1.10.7 is sus...

7.5

CVE-2021-41145

Exploit
  • EPSS 0.95%
  • Veröffentlicht 25.10.2021 22:15:07
  • Zuletzt bearbeitet 21.11.2024 06:25:35

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. FreeSWITCH prior to version 1.10.7 is susceptible to Denial of Serv...

7.5

CVE-2021-37624

Exploit
  • EPSS 1.47%
  • Veröffentlicht 25.10.2021 16:15:08
  • Zuletzt bearbeitet 21.11.2024 06:15:32

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.7, FreeSWITCH does not authenticate SIP MESSA...

9.8

CVE-2019-19492

Exploit
  • EPSS 78.22%
  • Veröffentlicht 02.12.2019 02:15:13
  • Zuletzt bearbeitet 21.11.2024 04:34:49

FreeSWITCH 1.6.10 through 1.10.1 has a default password in event_socket.conf.xml.

7.6

CVE-2018-19911

Exploit
  • EPSS 13.38%
  • Veröffentlicht 06.12.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:58:47

FreeSWITCH through 1.8.2, when mod_xml_rpc is enabled, allows remote attackers to execute arbitrary commands via the api/system or txtapi/system (or api/bg_system or txtapi/bg_system) query string on TCP port 8080, as demonstrated by an api/system?ca...