HomePentest-Tools.com Logo

FreeSWITCH mod_event_socket Default Password Vulnerability CVE-2019-19492

Severity
CVSSv3 Score
9.8
Vulnerability description

FreeSWITCH mod_event_socket has a default password set.

Risk description

An attacker can use this password to e.g. execute commands via the sytstem api to compromise the host.

Recommendation

Change the default password in event_socket.conf.xml.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Dec 2, 2019
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available