Summary
FreePBX is prone to a remote code-execution vulnerability.
Impact
Successfully exploiting this issue will allow attackers to execute arbitrary code in the context of the affected application. Failed exploit attempts may result in a denial-of-service condition.
Solution
Updates are available.
Insight
admin/libraries/view.functions.php does not restrict the set of functions accessible to the API handler, which allows remote attackers to execute arbitrary PHP code via the function and args parameters to admin/config.php.
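The weakness described above is a generic one: a request handler that takes a function name and its arguments from the query string and calls them without first checking the name against the set of operations the API is meant to expose. The following is an added illustration of that pattern and of an allowlisted replacement; it is not FreePBX's own code, and the handler names, the `API_HANDLERS` table and the version string are hypothetical.

```php
<?php
// Illustrative only: a minimal API dispatcher showing the vulnerable pattern the
// advisory describes (any function name supplied in the request gets called)
// next to an allowlisted version. NOT FreePBX code; all names are hypothetical.

// --- Vulnerable pattern: the function name and its arguments come straight from
// the query string, so any PHP function reachable in this process can be invoked.
function dispatch_unrestricted(array $query)
{
    $fn   = $query['function'] ?? '';
    $args = $query['args'] ?? [];
    // No check that $fn is one of the handlers the API is meant to expose.
    return call_user_func_array($fn, (array) $args);
}

// --- Hardened pattern: map public operation names to concrete handlers and
// refuse everything else. The attacker-controlled string is only ever used as
// an array key, never as a callable.
const API_HANDLERS = [
    'ping'        => 'api_ping',
    'get_version' => 'api_get_version',
];

function api_ping(string $payload = ''): string { return 'pong:' . $payload; }
function api_get_version(): string { return '2.11'; }  // hypothetical value

function dispatch_allowlisted(array $query)
{
    $name = (string) ($query['function'] ?? '');
    if (!array_key_exists($name, API_HANDLERS)) {
        http_response_code(400);
        return ['error' => 'unknown function'];
    }
    $args = $query['args'] ?? [];
    if (!is_array($args)) {
        $args = [$args];
    }
    // Positional arguments only; each handler validates its own parameters.
    return call_user_func_array(API_HANDLERS[$name], array_values($args));
}

// A legitimate call is accepted by the allowlisted dispatcher...
var_dump(dispatch_allowlisted(['function' => 'ping', 'args' => ['x']]));   // "pong:x"
// ...while a function that was never meant to be exposed is rejected instead
// of being executed, which is exactly the check the unrestricted version lacks.
var_dump(dispatch_allowlisted(['function' => 'phpinfo']));                 // error array
```

Note that the unrestricted dispatcher is included only to make the contrast visible; the practical check is that the request-supplied name is used as a lookup key into a fixed table, so the set of callable functions is decided by the application, not by the client.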
Affected
FreePBX versions 2.9, 2.10, 2.11, and 12 are vulnerable.
Detection
Attempts to execute a command with a specially crafted HTTP GET request.
References
Updated on 2015-03-25
Severity
Classification
CVE: CVE-2014-1903
CVSS Base Score: 7.5 (CVSS v2 vector AV:N/AC:L/Au:N/C:P/I:P/A:P)
Related Vulnerabilities