Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

CVE-2026-46515— Frogman: Multiple read-tier tools expose admin-grade data and arbitrary GraphQL execution

AI Predicted 8.1 Difficulty: Trivial

Affected Version Matrix 1

VendorProductVersion RangeStatus
mwtcmifrogman< 1.6.3affected
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-46515

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Frogman: Multiple read-tier tools expose admin-grade data and arbitrary GraphQL execution
Source: NVD (National Vulnerability Database)
Vulnerability Description
Frogman provides headless PBX control through MCP and HTTP API. Prior to 1.6.3, PERM_READ access was sufficient to call fm_list_managers, fm_list_pinsets, fm_show_context, fm_get_mcp_config, fm_backup_status, fm_whos_calling, fm_run_saved_query, and fm_diagnose_trunk, exposing AMI manager secrets, outbound dial PINs, full Asterisk dialplan context, root SSH connection commands, backup artifact paths, CDR history, arbitrary saved GraphQL query execution, and raw AMI endpoint dumps containing SIP fields such as password, md5_cred, and oauth_secret. This issue is fixed in version 1.6.3.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
授权机制缺失
Source: NVD (National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
mwtcmifrogman < 1.6.3 -

II. Public POCs for CVE-2026-46515

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-46515

登录查看更多情报信息。

Patches & Fixes for CVE-2026-46515 (3)

Vendor Advisories for CVE-2026-46515 (2)

Proof of Concept for CVE-2026-46515 (1)

Same Patch Batch · mwtcmi · 2026-07-16 · 4 CVEs total

CVE-2026-465129.9 CRITICALFrogman: Dialplan template parameters interpolated into extensions_custom.conf without esc
CVE-2026-465137.4 HIGHFrogman: API tokens stored in plaintext
CVE-2026-465146.5 MEDIUMFrogman: Plaintext passwords and secrets persisted to audit log

IV. Related Vulnerabilities

V. Comments for CVE-2026-46515

No comments yet


Leave a comment