FreePBX Vulnerability Lets Attackers Access User Control Panel Accounts

A critical FreePBX vulnerability can allow unauthenticated attackers to access the User Control Panel when affected systems use generic UCP templates with unchanged hard-coded initial credentials. The flaw is tracked as CVE-2026-46376 and affects the userman module in FreePBX 16 and FreePBX 17. The issue has been patched in userman 16.0.45 and 17.0.7. The vulnerability […] The post FreePBX Vulnerability Lets Attackers Access User Control Panel Accounts appeared first on VPN Central.