Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
[CVE-2014-1903] FreePBX 2.9 through 12 RCE
Feb 11 2014 11:44PM
rob thomas schmoozecom com
Unauthenticated user-level Remote Code Execution (RCE) vulnerability in admin/config.php, the main interface to FreePBX. This bug was introduced in FreePBX 2.9, earlier versions are not affected.
Score - 8.4
[ more ]
Copyright 2010, SecurityFocus