CVE-2021-43405 – FusionPBX / FusionPBX – Improper input validation
CVE-2021-43405 is an improper input validation vulnerability impacting FusionPBX versions 4.5.29 and earlier. An exploit was observed in open source and a link to an exploit was shared in the underground.
Summary:
CVE-2021-43405 is an improper input validation vulnerability impacting FusionPBX versions 4.5.29 and earlier. An exploit was observed in open source and a link to an exploit was shared in the underground.
PoC Links(if available):
Exploit DB link –
https://www.exploit-db.com/exploits/50505
Known Counter Measures:
FusionPBX addressed the vulnerability in a GitHub software development platform saved commit change with a patch.
Links to patches(if available)
https://github.com/fusionpbx/fusionpbx/commit/2d2869c1a1e874c46a8c3c5475614ce769bbbd59
