ALERT An unauthenticated remote attacker can run shell commands as the Asterisk user

Thread starter hecatae
Start date Aug 23, 2016

hecatae

resident hecatae

Aug 23, 2016

#1

https://www.freepbx.org/security-vulnerability-notice-2/

Code:

Summary:

An unauthenticated remote attacker can run shell commands as the Asterisk user of any FreePBX machine with ‘Recordings’ versions between 13.0.12 and 13.0.26.

Thankful that IncrediblePBX is still based on FreePBX 12

wardmundy

Nerd Uno

Aug 23, 2016

#2

... with a rock-solid firewall.

You must log in or register to reply here.

Share:

Reddit Pinterest Tumblr WhatsApp Email Link

Members online

No members online now.

Total: 122 (members: 0, guests: 122)

Latest Posts

S
NO JOY Remote PJSIP endpoint, registers then de-registers
- Latest: Samot
- Yesterday at 8:18 PM
Endpoints
ALERT Issabel 5
- Latest: hecatae
- Yesterday at 11:18 AM
Today's Tech News & Events
NO JOY My new number will not register with pjsip
- Latest: ostridge
- Yesterday at 10:37 AM
Trunks & Providers
FUNNY STUFF Neighbor Sues For Wifi Password
- Latest: dallas
- Yesterday at 2:23 AM
Open Discussion
GOOD NEWS Gotcha-Free PBX: ElastixMT GUI
- Latest: hecatae
- Thursday at 11:04 AM
Today's Tech News & Events

Forum statistics

Threads: 25,812

Messages: 167,763

Members: 19,241

Latest member: bellabos

Get 3CX - Absolutely Free!

Link up your team and customers Phone System Live Chat Video Conferencing

Hosted or Self-managed. Up to 10 users free forever. No credit card. Try risk free.

3CX

Verify your Email

Check your inbox!

We’ve sent you an email. Click on the button in the email body to verify your email address – (if you can not find it, check your spam folder).

Upon verification you will be directed to the 3CX setup wizard.

This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.

Accept Learn more…