vendor:
FreeSWITCH
by:
1F98D
7.5
CVSS
HIGH
Command Execution
78
CWE
Product Name: FreeSWITCH
Affected Version From: 1.10.1
Affected Version To: 1.10.1
Patch Exists: NO
Related CWE: N/A
CPE: a:freeswitch:freeswitch:1.10.1
Metasploit:
N/A
Other Scripts:
N/A
Platforms Tested: Windows 10 (x64)
2019
FreeSWITCH 1.10.1 – Command Execution
FreeSWITCH listens on port 8021 by default and will accept and run commands sent to it after authenticating. By default commands are not accepted from remote hosts.
Mitigation:
Restrict access to port 8021 and configure authentication for remote access.
