Critical FreePBX RCE Vulnerability (ALL Versions)
CVE: 2014-7235Date: 2014-09-30Author: James FinstromTicket: http://issues.freepbx.org/browse/FREEPBX-8070 We have been made aware of a critical Zero-Day Remote Code Execution and Privilege Escalation exploit within the legacy “FreePBX ARI Framework module/Asterisk Recording Interface (ARI)”. This affects any user who has installed FreePBX prior to version 12, and users who have updated to FreePBX 12 from a prior version