Vulnerability in Sangoma Switchvox Smb Edition
CVE-2026-9587
An authenticated local file inclusion vulnerability exists in Sangoma Switchvox SMB Edition 8.3 (104997). The play_file functionality accepts user-controlled input through the sound_path parameter and fails to properly validate file paths…
Affected products
- Sangoma Switchvox Smb Edition — versions 8.3 (104997)
Weakness classification (CWE)
References
- 57dba5dd-1a03-47f6-8b36-e84e47d335d8 (release-notes)
- 57dba5dd-1a03-47f6-8b36-e84e47d335d8 (third-party-advisory)