FreePBX Vulnerability Allow Attackers to Gain Access to User Portals

A critical vulnerability in the open-source IP PBX platform FreePBX could allow unauthenticated attackers to access user portals. The issue, tracked as CVE-2026-46376, affects the User Control Panel (UCP) interface due to hard-coded credentials in the userman module. It impacts FreePBX versions before 16.0.45 and 17.0.7. Systems running outdated versions are at risk if administrators […] The post FreePBX Vulnerability Allow Attackers to Gain Access to User Portals appeared first on Cyber Security News.