Detections
Analytics

FreePBX 13.x < 13.0.197.14 / 14.x < 14.0.13.12 / 15.x < 15.0.16.27 Remote Admin Authentication Bypass

critical Nessus Plugin ID 298040

Language:

Version 1.3

Feb 7, 2026, 12:50 AM

  • CISA reference

Plugin Feed: 202602070050

Version 1.2

Feb 6, 2026, 8:56 AM

  • CVSS metrics ("CVSSv3 score" set to 9.8)
  • CVSS metrics ("CVSSv3 vector" set to "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H")
  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C")
  • CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C")
  • Exploit attributes ("Exploit available" set to "True")
  • Exploit attributes ("Exploitability ease" set to "Exploits are available")

Plugin Feed: 202602060856

Version 1.1

Feb 5, 2026, 4:41 PM

  • New

Plugin Feed: 202602051641

* Changelogs are generally available for changes made after Nov 1, 2022