CRITICAL🇵🇱 Wersja polska

CVE-2026-49840

CVSS 9.1v3.1pub. 2026-06-09upd. 2026-06-10

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, esl_recv_event() parses Content-Length with atol() and passes the result straight to malloc(len + 1) with no sign or magnitude check. A malicious or man-in-the-middle ESL peer can send a frame with a negative Content-Length to corrupt the heap of, or crash, any process linked against libesl, before the client has authenticated to that peer. This issue has been patched in version 1.11.1.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
  • Freeswitch

    APP
    Freeswitch
    < 1.11.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2026-49841CRITICAL9.8PL ✓ten sam produkt

FreeSWITCH mod_verto: heap buffer overflow przed autoryzacją HTTP

CVE-2019-19492CRITICAL9.8ten sam produkt

FreeSWITCH 1.6.10 through 1.10.1 has a default password in event_socket.conf.xml.

CVE-2026-49475HIGH7.5ten sam produkt

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom sw...

CVE-2026-45771HIGH7.5ten sam produkt

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom sw...

CVE-2026-49842HIGH7.5ten sam produkt

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom sw...