Vulnerabilities > Sangoma > Restapps > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-12-22 CVE-2021-45461 Unspecified vulnerability in Sangoma Restapps
FreePBX, when restapps (aka Rest Phone Apps) 15.0.19.87, 15.0.19.88, 16.0.18.40, or 16.0.18.41 is installed, allows remote attackers to execute arbitrary code, as exploited in the wild in December 2021.
network
low complexity
sangoma
critical
9.8
2021-05-31 CVE-2020-10666 Command Injection vulnerability in Sangoma Restapps
The restapps (aka Rest Phone apps) module for Sangoma FreePBX and PBXact 13, 14, and 15 through 15.0.19.2 allows remote code execution via a URL variable to an AMI command.
network
low complexity
sangoma CWE-77
critical
9.8