CVE-2021-43405 – FusionPBX / FusionPBX – Improper input validation

November 23, 2021

CVE-2021-43405 is an improper input validation vulnerability impacting FusionPBX versions 4.5.29 and earlier. An exploit was observed in open source and a link to an exploit was shared in the underground.

Summary:

CVE-2021-43405 is an improper input validation vulnerability impacting FusionPBX versions 4.5.29 and earlier. An exploit was observed in open source and a link to an exploit was shared in the underground.

PoC Links(if available):

Exploit DB link –
https://www.exploit-db.com/exploits/50505

Known Counter Measures:

FusionPBX addressed the vulnerability in a GitHub software development platform saved commit change with a patch.

Links to patches(if available)

https://github.com/fusionpbx/fusionpbx/commit/2d2869c1a1e874c46a8c3c5475614ce769bbbd59

You may have missed

image

[QILIN] – Ransomware Victim: Zimmerman & Frachtman PA Law Firm

November 22, 2024
image

[QILIN] – Ransomware Victim: Calvert Home Mortgage Investment

November 22, 2024
image

[QILIN] – Ransomware Victim: LBCO Contracting LTD

November 22, 2024
unlock membership

Unveiling Blockchain Security: Safeguarding the Digital Ledger

November 22, 2024
news

A Fifth of UK Enterprises Uncertain About NIS2 Compliance Requirements

November 22, 2024