Vulnerabilities > Freeswitch

DATE CVE VULNERABILITY TITLE RISK
2023-12-27 CVE-2023-51443 Unspecified vulnerability in Freeswitch
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware.
network
high complexity
freeswitch
5.9
2023-09-15 CVE-2023-40018 Unspecified vulnerability in Freeswitch
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware.
network
low complexity
freeswitch
7.5
2023-09-15 CVE-2023-40019 Unspecified vulnerability in Freeswitch
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware.
network
low complexity
freeswitch
6.5
2021-10-26 CVE-2021-41158 Origin Validation Error vulnerability in Freeswitch
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware.
network
low complexity
freeswitch CWE-346
7.5
2021-10-25 CVE-2021-41145 Memory Leak vulnerability in Freeswitch
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware.
network
low complexity
freeswitch CWE-401
7.5
2021-10-25 CVE-2021-37624 Missing Authentication for Critical Function vulnerability in Freeswitch
FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware.
network
low complexity
freeswitch CWE-306
7.5
2019-12-02 CVE-2019-19492 Use of Hard-coded Credentials vulnerability in Freeswitch
FreeSWITCH 1.6.10 through 1.10.1 has a default password in event_socket.conf.xml.
network
low complexity
freeswitch CWE-798
critical
9.8
2018-12-06 CVE-2018-19911 Command Injection vulnerability in Freeswitch
FreeSWITCH through 1.8.2, when mod_xml_rpc is enabled, allows remote attackers to execute arbitrary commands via the api/system or txtapi/system (or api/bg_system or txtapi/bg_system) query string on TCP port 8080, as demonstrated by an api/system?calc URI.
network
high complexity
freeswitch CWE-77
7.5