Lizhuangpengli

**Name of the Vulnerable Software and Affected Versions** FastBee versions prior to 2.1 **Description** A flaw exists in the SIP Message Handler component of FastBee, specifically within the `getRootElement` function located in the file springboot/fastbee-server/sip-server/src/main/java/com/fastbee/sip/handler/req/ReqAbstractHandler.java. This issue allows for XML External Entity (XXE) reference manipulation, potentially enabling remote attacks. The complexity of exploiting this issue is considered high, and exploitability is difficult. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.