FreePBX: Unauthenticated Use of Hard-Coded Credentials Vulnerability in FreePBX UCP...

9.3 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Description

FreePBX is an open source IP PBX. From 15.0.42 to before 16.0.45 and 17.0.7, unauthenticated users may be able to access the User Control Panel (UCP) using hard-coded initial template credentials if these were not immediately changed by the Administrator who enabled UCP. Authenticated access to ACP is required for the initial setup of UCP generic templates, but after that, without further steps by the admin, unauthenticated users may be able to gain access. This vulnerability is fixed in 16.0.45 and 17.0.7.

AI Analysis

Unauthenticated use of hard-coded credentials vulnerability in FreePBX UCP interface

Basic Information

ID CVE-2026-46376

Source GitHub_M

Published May 29, 2026 at 12:39

Affected Product

Vendor FreePBX

Product security-reporting

Version >= 15.0.42, < 16.0.45

Affected Versions FreePBX security-reporting >= 15.0.42, < 16.0.45
FreePBX security-reporting >= 17.0.1, < 17.0.7

CWE Classification

CWE-798

AI Assessment

AI Score 9.3 / 10

AI Severity Critical

Vendor FreePBX

Product FreePBX UCP

Version 15.0.42 to 16.0.44, 17.0.1 to 17.0.6

References

github.com /FreePBX/security-reporting/security/advisories/GHSA-m55x-h47x-v3gx

{
    "lastseen": "",
    "description": "FreePBX is an open source IP PBX. From 15.0.42 to before 16.0.45 and 17.0.7, unauthenticated users may be able to access the User Control Panel (UCP) using hard-coded initial template credentials if these were not immediately changed by the Administrator who enabled UCP. Authenticated access to ACP is required for the initial setup of UCP generic templates, but after that, without further steps by the admin, unauthenticated users may be able to gain access. This vulnerability is fixed in 16.0.45 and 17.0.7.",
    "published": "2026-05-29T12:39:57.690Z",
    "modified": "2026-05-29T12:39:57.690Z",
    "type": "cve",
    "title": "FreePBX: Unauthenticated Use of Hard-Coded Credentials Vulnerability in FreePBX UCP Interface",
    "source": "GitHub_M",
    "references": "https://github.com/FreePBX/security-reporting/security/advisories/GHSA-m55x-h47x-v3gx",
    "id": "CVE-2026-46376",
    "bulletinFamily": "",
    "cwe": [
        "CWE-798"
    ],
    "cvelist": null,
    "sourceData": "FreePBX security-reporting >= 15.0.42, < 16.0.45\nFreePBX security-reporting >= 17.0.1, < 17.0.7",
    "sourceHref": "",
    "cvss": {
        "score": 9.3,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "security-reporting",
    "version": ">= 15.0.42, < 16.0.45",
    "vendor": "FreePBX",
    "ai_description": "Unauthenticated use of hard-coded credentials vulnerability in FreePBX UCP interface",
    "ai_severity": "Critical",
    "ai_vendor": "FreePBX",
    "ai_product": "FreePBX UCP",
    "ai_version": "15.0.42 to 16.0.44, 17.0.1 to 17.0.6",
    "ai_score": 9.3
}

FreePBX: Unauthenticated Use of Hard-Coded Credentials Vulnerability in FreePBX UCP Interface_CVE-2026-46376