CRITICAL🇵🇱 Wersja polska

CVE-2025-32105

CVSS 9.8v3.1pub. 2025-06-03upd. 2025-06-18

A buffer overflow in the the Sangoma IMG2020 HTTP server through 2.3.9.6 allows an unauthenticated user to achieve remote code execution.

🤖 AI Analysis
How it works

The vulnerability results from improper input handling in the HTTP server embedded in the Sangoma IMG2020 device firmware (CWE-120 — classic buffer overflow). An attacker can send a crafted HTTP request that causes a buffer overflow in the memory of the server process. As a result, it is possible to overwrite critical memory areas and take control of the program execution flow, leading to remote code execution.

Impact

An unauthenticated network attacker can gain full control of the device through remote code execution (RCE), which potentially enables interception of telecommunications traffic, lateral movement in the network, and complete compromise of the device.

Mitigation & patch

Apply patches available from the manufacturer according to references. Until the fix is implemented, it is recommended to restrict access to the HTTP interface of the Sangoma IMG2020 device exclusively to trusted IP addresses using firewall or network segmentation.

Who is affected

Sangoma IMG2020 Firmware and Sangoma IMG2020 device in versions up to and including 2.3.9.6

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Sangoma Img2020

    HW
    Sangoma
    wszystkie wersje
  • Sangoma Img2020 Firmware

    OS
    Sangoma
    ≤ 2.3.9.6
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEMemory
CWE
References

Related vulnerabilities

CVE-2025-57819CRITICAL10.0⚠ KEVPL ✓ten sam vendor

Krytyczna podatność RCE i SQL injection w Sangoma FreePBX (bez uwierzytelnienia)

CVE-2019-19006CRITICAL9.8⚠ KEVten sam vendor

Sangoma FreePBX 115.0.16.26 and below, 14.0.13.11 and below, 13.0.197.13 and below have Incorrect Access Contr...

CVE-2026-46376CRITICAL9.3PL ✓ten sam vendor

FreePBX UCP: dostęp bez uwierzytelnienia przez wbudowane dane logowania

CVE-2025-66039CRITICAL9.3PL ✓ten sam vendor

FreePBX Endpoint Manager — pominięcie uwierzytelnienia (Auth Bypass)

CVE-2024-57520CRITICAL9.8PL ✓ten sam vendor

Insecure Permissions w Sangoma Asterisk v22 — tworzenie plików poza katalogiem aplikacji