Vulnerability Description
FreeSWITCH through 1.8.2, when mod_xml_rpc is enabled, allows remote attackers to execute arbitrary commands via the api/system or txtapi/system (or api/bg_system or txtapi/bg_system) query string on TCP port 8080, as demonstrated by an api/system?calc URI. This can also be exploited via CSRF. Alternatively, the default password of works for the freeswitch account can sometimes be used.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Freeswitch | Freeswitch | <= 1.8.2 |
Related Weaknesses (CWE)
References
- https://github.com/iSafeBlue/freeswitch_rce/blob/master/README-en.mdExploitThird Party Advisory
- https://github.com/iSafeBlue/freeswitch_rce/blob/master/freeswitch_rce.pyExploitThird Party Advisory
- https://github.com/iSafeBlue/freeswitch_rce/blob/master/README-en.mdExploitThird Party Advisory
- https://github.com/iSafeBlue/freeswitch_rce/blob/master/freeswitch_rce.pyExploitThird Party Advisory
FAQ
What is CVE-2018-19911?
CVE-2018-19911 is a vulnerability with a CVSS score of 7.5 (HIGH). FreeSWITCH through 1.8.2, when mod_xml_rpc is enabled, allows remote attackers to execute arbitrary commands via the api/system or txtapi/system (or api/bg_system or txtapi/bg_system) query string on ...
How severe is CVE-2018-19911?
CVE-2018-19911 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-19911?
Check the references section above for vendor advisories and patch information. Affected products include: Freeswitch Freeswitch.