Security Advisory

CVE-2024-53564

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-12-02 00:00:00

Last updated 2025-01-14 16:41:16

Assigner mitre

State PUBLISHED

Description

A vulnerability was discovered in FreePBX 17.0.19.17. It does not verify the type of uploaded (valid FreePBX module) files, allowing high-privilege administrators to insert unwanted files. NOTE: the Suppliers position is that there is no risk beyond what high-privilege administrators are intentionally allowed to do.

← Browse all CVEs View on cve.org ↗