CVE Catalog

CVE-2026-49842

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.05%

17th percentile - higher than 17% of all known CVEs

Summary

In versions prior to 1.11.1, the mod_verto module in FreeSWITCH did not properly check authentication for the speed test protocol, allowing unauthorized users to request large amounts of data.

Risk Assessment

Organizations may be exposed to attacks that exploit excessive bandwidth consumption, potentially disrupting telecommunications services.

Recommendation

It is recommended to upgrade to version 1.11.1 or later to patch this vulnerability and secure the system against potential attacks.

Original NVD description (English source)

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, mod_verto's WebSocket frame loop intercepts a #-prefixed speed-test protocol (#SPU / #SPB / #SPE) before any authentication check. The declared payload size in #SPU was parsed with atoi() and only rejected non-positive values, so an unauthenticated peer could request up to INT_MAX bytes. The server then wrote roughly size * 10 bytes back during the download phase, on the order of 20 GB per request, yielding strong outbound bandwidth amplification from a short request. This issue has been patched in version 1.11.1.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS