A buffer overflow in the the Sangoma IMG2020 HTTP server through 2.3.9.6 allows an unauthenticated user to achieve remote code execution.
2025-06-03T17:15:21.720
2025-06-18T14:15:43.590
Modified
CVSSv3.1: 9.8 (CRITICAL)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | sangoma | img2020_firmware | ≤ 2.3.9.6 | Yes |
| Hardware | sangoma | img2020 | - | No |