FreePBX User Control Panel Unauthenticated Access Vulnerability via Hard-Coded Credentials

Vulnerability

A vulnerability exists in FreePBX versions 15.0.42 prior to 16.0.45 and 17.0.7 that allows unauthenticated users to log in to the User Control Panel (UCP) with the hard-coded credentials of the initial UCP generic template, unless an administrator has already changed them. Authenticated access to the Administrator Control Panel (ACP) is needed only to set up the UCP generic templates in the first place; once that setup is complete, the default credentials remain valid and can be used without any further administrative action.

Impact

Exploitation of this vulnerability gives an attacker unauthorized access to the User Control Panel, where they can use UCP features and functionality as a legitimate user would, without ever authenticating with credentials of their own.

Remediation

Update the 'userman' module to the latest version: the updated module randomizes the template password so the hard-coded value no longer works. It is also recommended to ensure that only authorized users can reach the FreePBX Administrator Control Panel, and to deny access to both the ACP and the UCP from hostile networks.
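The remediation steps above as a runnable script. This is an added example, not code from the advisory or from the FreePBX project. It assumes a FreePBX host with `fwconsole` on the path, that the ACP and UCP are served by the same web server on TCP 80/443, that `iptables` is the packet filter in use, and that the trusted network is the constructed example range 192.0.2.0/24. The fixed userman module version is not stated on this page; MIN_USERMAN_VERSION is an assumed placeholder that must be set to the patched module version for your FreePBX line. Nothing is changed on the host unless the script is run with `--apply`.

```shell
#!/bin/sh
# Added example: check and remediate the FreePBX userman hard-coded UCP
# credential issue. Not part of the advisory or the FreePBX project.
set -eu

# Assumption: the patched userman module version for your FreePBX line.
MIN_USERMAN_VERSION="${MIN_USERMAN_VERSION:-16.0.45}"
# Assumption: network from which ACP/UCP access is permitted (constructed).
TRUSTED_CIDR="${TRUSTED_CIDR:-192.0.2.0/24}"

# Constructed sample of `fwconsole ma list` output, used for offline checks.
SAMPLE_MA_LIST='+---------+---------+---------+----------+
| Module  | Version | Status  | License  |
+---------+---------+---------+----------+
| core    | 16.0.68 | Enabled | AGPLv3+  |
| userman | 16.0.44 | Enabled | AGPLv3+  |
+---------+---------+---------+----------+'

# version_ge A B: return 0 when dotted numeric version A >= B, else 1.
# Missing components are treated as 0, so 16.0 equals 16.0.0.
version_ge() {
    _a="$1." _b="$2."
    while [ -n "$_a" ] || [ -n "$_b" ]; do
        _x="${_a%%.*}"; _a="${_a#*.}"
        _y="${_b%%.*}"; _b="${_b#*.}"
        _x="${_x:-0}"; _y="${_y:-0}"
        if [ "$_x" -gt "$_y" ]; then return 0; fi
        if [ "$_x" -lt "$_y" ]; then return 1; fi
    done
    return 0
}

# Read `fwconsole ma list` table output on stdin and print the userman version.
userman_version_from_list() {
    awk -F'|' '$2 ~ /^[ \t]*userman[ \t]*$/ { gsub(/[ \t]/, "", $3); print $3; exit }'
}

# userman_needs_upgrade INSTALLED MINIMUM: return 0 when an upgrade is needed.
userman_needs_upgrade() {
    if version_ge "$1" "$2"; then return 1; fi
    return 0
}

# Restrict web access (ACP and UCP share the web server) to the trusted network.
restrict_web_access() {
    if ! iptables -C INPUT -p tcp -m multiport --dports 80,443 ! -s "$TRUSTED_CIDR" -j DROP 2>/dev/null; then
        iptables -I INPUT -p tcp -m multiport --dports 80,443 ! -s "$TRUSTED_CIDR" -j DROP
    fi
}

if [ "${1:-}" = "--apply" ]; then
    command -v fwconsole >/dev/null 2>&1 || { echo "fwconsole not found; run on the FreePBX host" >&2; exit 2; }
    installed=$(fwconsole ma list | userman_version_from_list)
    echo "installed userman version: ${installed:-unknown}"
    if userman_needs_upgrade "${installed:-0}" "$MIN_USERMAN_VERSION"; then
        # The updated module randomizes the template password.
        fwconsole ma upgrade userman
        fwconsole reload
    fi
    restrict_web_access
fi
```

Run it without arguments to load the functions only; run it as root with `--apply` on the PBX to upgrade the module when it is below the assumed minimum and to install the firewall rule. Because UCP is meant for end users, set TRUSTED_CIDR to the range those users come from rather than to the admin network alone.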

Added: May 29, 2026, 2:23 PM
Updated: May 29, 2026, 2:23 PM

Vulnerability Rating

Custom Algorithm

spread          4.5
impact          5.0
exploitability  6.3
remediation     7.9
relevance       9.7
threat          0.0
urgency         2.9
incentive       0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.