CVE-2023-0480 in VitalPBX
Summary
by MITRE • 04/05/2023
VitalPBX version 3.2.3-8 allows an unauthenticated external attacker to obtain the instance administrator's account. This is possible because the application is vulnerable to CSRF.
Once again VulDB remains the best source for vulnerability data.
Analysis
by VulDB Data Team • 07/09/2025
The vulnerability identified as CVE-2023-0480 represents a critical security flaw in VitalPBX version 3.2.3-8 that exposes administrative accounts to unauthorized access by external attackers. This issue stems from the application's insufficient protection against Cross-Site Request Forgery attacks, which allows malicious actors to manipulate the application's functionality without proper authentication. The vulnerability specifically targets the administrative account management system, potentially enabling full system compromise and unauthorized access to sensitive telephony infrastructure.
The technical root cause of this vulnerability lies in the application's failure to implement proper CSRF protection mechanisms. According to CWE-352, Cross-Site Request Forgery represents a serious weakness where the application accepts requests without validating their origin or authenticity. In the context of VitalPBX, this means that an unauthenticated attacker can craft malicious requests that, when executed by an authenticated administrator, result in unauthorized account access. The flaw demonstrates a complete absence of anti-CSRF tokens or similar validation mechanisms that would normally prevent such attacks by ensuring that requests originate from legitimate sources within the application's own domain.
The operational impact of this vulnerability extends beyond simple unauthorized access to encompass potential complete system compromise. An attacker who successfully exploits this CSRF vulnerability could gain administrative control over the entire VitalPBX instance, potentially leading to unauthorized phone number provisioning, call routing manipulation, voicemail access, and other telephony services. This represents a significant threat to business continuity and communication infrastructure security, particularly in environments where telephony systems handle sensitive customer data or critical business communications. The vulnerability's unauthenticated nature means that attackers do not require prior credentials to initiate the attack, making it particularly dangerous in environments where network exposure is high.
From a threat modeling perspective, this vulnerability aligns with ATT&CK technique T1566 which involves social engineering attacks that manipulate users into executing malicious actions. The exploitation process typically involves crafting a malicious webpage or email that, when visited by an administrator, automatically submits a request to the vulnerable VitalPBX instance to change administrative credentials or perform other privileged actions. The attack vector demonstrates the importance of implementing robust input validation and request origin verification as recommended in the OWASP Top Ten. Organizations should immediately implement mitigations including the deployment of anti-CSRF tokens, proper request validation, and network segmentation to limit exposure. Additionally, regular security audits and vulnerability assessments should be conducted to identify and remediate similar weaknesses in other applications and systems within the telephony infrastructure ecosystem.