A buffer overflow in the the Sangoma IMG2020 HTTP server through 2.3.9.6 allows an unauthenticated user to achieve remote code execution.
The vulnerability results from improper input handling in the HTTP server embedded in the Sangoma IMG2020 device firmware (CWE-120 — classic buffer overflow). An attacker can send a crafted HTTP request that causes a buffer overflow in the memory of the server process. As a result, it is possible to overwrite critical memory areas and take control of the program execution flow, leading to remote code execution.
An unauthenticated network attacker can gain full control of the device through remote code execution (RCE), which potentially enables interception of telecommunications traffic, lateral movement in the network, and complete compromise of the device.
Apply patches available from the manufacturer according to references. Until the fix is implemented, it is recommended to restrict access to the HTTP interface of the Sangoma IMG2020 device exclusively to trusted IP addresses using firewall or network segmentation.
Sangoma IMG2020 Firmware and Sangoma IMG2020 device in versions up to and including 2.3.9.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HSangoma Img2020
HWSangomawszystkie wersjeSangoma Img2020 Firmware
OSSangoma≤ 2.3.9.6
Related vulnerabilities
Krytyczna podatność RCE i SQL injection w Sangoma FreePBX (bez uwierzytelnienia)
Sangoma FreePBX 115.0.16.26 and below, 14.0.13.11 and below, 13.0.197.13 and below have Incorrect Access Contr...
FreePBX UCP: dostęp bez uwierzytelnienia przez wbudowane dane logowania
FreePBX Endpoint Manager — pominięcie uwierzytelnienia (Auth Bypass)
Insecure Permissions w Sangoma Asterisk v22 — tworzenie plików poza katalogiem aplikacji