Vulnerabilities

CVE-2019-16965

by Fred · 21/10/2019

resources/cmd.php in FusionPBX up to 4.5.7 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated administrative attackers to execute any commands on the host as www-data.

Date published : 2019-10-21

https://github.com/fusionpbx/fusionpbx/commit/6baad9af1bc55c80b793af3bd1ac35b39c20b173

FusionPBX Sofia API command injection 2/2

Similar

Tags: Cybersecurity Alert