CVE-2026-34443 in freescout-help-desk freescoutinformation

Résumé (Anglaise)

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.211, checkIpByMask() in app/Misc/Helper.php checks whether the input IP contains a / character. Plain IP addresses never contain /, so the function always returns false without checking any CIDR ranges. The entire 10.0.0.0/8 and 172.16.0.0/12 private ranges are unprotected. This issue has been patched in version 1.8.211.

Responsable

GitHub_M

Réserver

27/03/2026

Divulgation

01/04/2026

Entrées

VulDB provides additional information and datapoints for this CVE:

IDVulnérabilitéCWEExpConCVE
354545freescout-help-desk freescout Helper.php checkIpByMask élévation de privilèges918Non définiCorrectif officielCVE-2026-34443

Description

CPE

CWE

CVSS

Exploits

Histoire

Diff

Relier

Renseignements sur les menaces

API JSON

API XML

API CSV

PrécédentAperçuSuivant

Do you need the next level of professionalism?

Upgrade your account now!