2024-12-02 00:00:00
mitre
PUBLISHED
A vulnerability was discovered in FreePBX 17.0.19.17. It does not verify the type of uploaded (valid FreePBX module) files, allowing high-privilege administrators to insert unwanted files. NOTE: the Suppliers position is that there is no risk beyond what high-privilege administrators are intentionally allowed to do.