CVE-2026-46376
Last modified
CVE-2026-46376 is a critical-severity vulnerability rated 9.3/10 on the CVSS scale. FreePBX is an open source IP PBX. From 15.0.42 to before 16.0.45 and 17.0.7, unauthenticated users may be able to access the User Control Panel (UCP) using hard-coded initial template credentials if these were not immediately changed by the Administrator who enabled UCP. EPSS estimates a 0.43% chance of exploitation in the next 30 days.
Description
FreePBX is an open source IP PBX. From 15.0.42 to before 16.0.45 and 17.0.7, unauthenticated users may be able to access the User Control Panel (UCP) using hard-coded initial template credentials if these were not immediately changed by the Administrator who enabled UCP. Authenticated access to ACP is required for the initial setup of UCP generic templates, but after that, without further steps by the admin, unauthenticated users may be able to gain access. This vulnerability is fixed in 16.0.45 and 17.0.7.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Sangoma | Freepbx | < 16.0.45 |
| Sangoma | Freepbx | >= 17.0, < 17.0.7 |
References
- https://github.com/FreePBX/security-reporting/security/advisories/GHSA-m55x-h47x-v3gxMitigation, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2026-46376?
How severe is CVE-2026-46376?
How do I fix CVE-2026-46376?
Are you affected by CVE-2026-46376?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST