CVE-2014-1903
FreePBX 2.11.0 - Remote Command Execution
- Severity Score: 7.5 (CVSS v2)
- Exploit Likelihood (EPSS):
- Affected Versions (CPE):
- Public Exploits: 2 (multiple sources)
- Exploited in Wild (KEV): -
- Decision (SSVC): -
Descriptions
admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, 2.10 before 2.10.1.15, 2.11 before 2.11.0.23, and 12 before 12.0.1alpha22 does not restrict the set of functions accessible to the API handler, which allows remote attackers to execute arbitrary PHP code via the function and args parameters to admin/config.php.
Credits: N/A
CVSS Scores
- Attack Vector
- Attack Complexity
- Authentication
- Confidentiality
- Integrity
- Availability
* Common Vulnerability Scoring System
SSVC
- Decision: -
- Exploitation
- Automatable
- Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2014-02-07 CVE Reserved
- 2014-02-14 CVE Published
- 2014-03-12 First Exploit
- 2024-08-06 CVE Updated
- 2024-11-05 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (14)
URL | Tag | Source
---|---|---
http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0097.html | Mailing List |
http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0111.html | Mailing List |
http://code.freepbx.org/changelog/FreePBX_Framework?cs=a29382efeb293ef4f42aa9b841dfc8eabb2d1e03 | X_refsource_confirm |
http://code.freepbx.org/changelog/FreePBX_SVN?cs=16429 | X_refsource_confirm |
http://osvdb.org/103240 | Vdb Entry |
http://packetstormsecurity.com/files/125166/FreePBX-2.x-Code-Execution.html | X_refsource_misc |
http://packetstormsecurity.com/files/125215/FreePBX-2.9-Remote-Code-Execution.html | X_refsource_misc |
http://www.freepbx.org/news/2014-02-06/security-vulnerability-notice | X_refsource_confirm |
http://www.securityfocus.com/archive/1/531040/100/0/threaded | Mailing List |
https://github.com/0x00string/oldays/blob/master/CVE-2014-1903.pl | X_refsource_misc |

URL | Date | SRC
---|---|---
https://www.exploit-db.com/exploits/32214 | 2014-03-12 |
https://www.exploit-db.com/exploits/32512 | 2014-03-25 |

URL | Date | SRC
---|---|---
http://issues.freepbx.org/browse/FREEPBX-7117 | 2019-12-10 |
http://issues.freepbx.org/browse/FREEPBX-7123 | 2014-03-21 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
Freepbx | Freepbx | 2.10 | - | Affected
Freepbx | Freepbx | 2.11 | - | Affected
Freepbx | Freepbx | 2.12 | - | Affected
Sangoma | Freepbx | 2.9 | - | Affected