Open Sleeptime17 opened 6 years ago
FreePBX 13.0.x < 13.0.188 should be vulnerable to:
EDB-ID: 40434 (RCE) for FreePBX < 13.0.188 EDB-ID: 40232 (RCE/PE) for FreePBX 13/14 (System Recordings Module versions: 13.0.1beta1 - 13.0.26) EDB-ID: 40614 (RCE/PE) for FreePBX 13/14 (System Recordings Module versions: 13.0.1beta1 - 13.0.26)
and there's also: CVE-2014-7235 (RCE) for FreePBX < 2.9.0.9, FreePBX 2.10.x, FreePBX < 2.11.1.5
FreePBX is quite complicated, this is another good candidate for a docker based service
FreePBX 13.0.x < 13.0.188 should be vulnerable to:
EDB-ID: 40434 (RCE) for FreePBX < 13.0.188 EDB-ID: 40232 (RCE/PE) for FreePBX 13/14 (System Recordings Module versions: 13.0.1beta1 - 13.0.26) EDB-ID: 40614 (RCE/PE) for FreePBX 13/14 (System Recordings Module versions: 13.0.1beta1 - 13.0.26)
and there's also: CVE-2014-7235 (RCE) for FreePBX < 2.9.0.9, FreePBX 2.10.x, FreePBX < 2.11.1.5