Unauthenticated Use of Hard-Coded Credentials Vulnerability in FreePBX UCP Interface

72% confidence

Description

A critical vulnerability exists in the FreePBX User Control Panel (UCP) interface due to the use of hard-coded credentials that allow unauthenticated access.

Affected Products

Vendor	Product	Versions
sangoma technologies	freepbx	<= 16.0.45, <= 17.0.7

Related News (1 articles)

Tier B

CCCS Canada1h ago

FreePBX security advisory (AV26–474)

→ No new info (linked only)

CISA KEV❌ No

Actively exploited❌ No

Patch available

16.0.46

CWECWE-798

PublishedMay 15, 2026

Last enriched1h ago

Unauthenticated Use of Hard-Coded Credentials Vulnerability in FreePBX UCP Interface

Description

Affected Products

Related News (1 articles)

Community Vote

Pin to Dashboard

Verification

Vulnerability Timeline