HomePentest-Tools.com Logo

FreePBX System Recordings Menu Arbitrary File Upload Vulnerability CVE-2010-3490

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

FreePBX is prone to an arbitrary file-upload vulnerability because it fails to properly sanitize user-supplied input. An attacker can leverage this issue to upload arbitrary files to the affected computer, this can result in arbitrary code execution within the context of the webserver. FreePBX 2.8.0 is vulnerable, other versions may also be affected.

Risk description
Not available
Recommendation

Updates are available, please see the references for more information.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Sep 28, 2010
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available