EXPLOITDB-EDB-18650

EXPLOITDB python VERIFIED WORKING POC

Exploit for CVE-2012-4869 - FreePBX <2.10 - Command Injection

AI Analysis

This exploit targets a pre-authenticated remote code execution vulnerability in FreePBX and Elastix by injecting a reverse shell payload via a malformed URL parameter. The payload leverages Perl to establish a reverse shell connection to the attacker's specified host and port.

Attack Type

RCE

Complexity

trivial

Reliability

reliable

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

Loading exploit code...

Download ZIP Password: eip

Source

Platform Exploitdb

Type webapps

Platform php

Language python

Files 1

https://www.exploit-db.com/exploits/18650

Authors

muts Emporeo

Vulnerability

CVE-2012-4869

FreePBX <2.10 - Command Injection