Summary
FreePBX is prone to a remote command-execution vulnerability because the application fails to sufficiently sanitize input data.
Impact
An attacker may leverage this issue to execute arbitrary commands in the context of the affected application.
Solution
Updates are available.
Insight
htdocs_ari/includes/login.php in the ARI Framework module/Asterisk Recording Interface (ARI) allows remote attackers to execute arbitrary code via the ari_auth coockie, related to the PHP unserialize function, as exploited in the wild in September 2014.
Affected
FreePBX before 2.9.0.9, 2.10.x, and 2.11 before 2.11.1.5
Detection
Send a HTTP GET request with a special crafted cookie and check the response.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2014-7235 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- AlienVault Open Source SIEM (OSSIM) 'timestamp' Parameter Directory Traversal Vulnerability
- Apache Solr XML External Entity(XXE) Vulnerability-02 Jan-14
- b2ePMS Multiple SQL Injection Vulnerabilities
- Apache Tomcat Windows Installer Privilege Escalation Vulnerability
- Apache Archiva Multiple Remote Command Execution Vulnerabilities