CVE-2014-1903
FreePBX <2.9.0.14, <2.10.1.15, <2.11.0.23, <12.0.1alpha22 - RCE
Title source: llmDescription
admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, 2.10 before 2.10.1.15, 2.11 before 2.11.0.23, and 12 before 12.0.1alpha22 does not restrict the set of functions accessible to the API handler, which allows remote attackers to execute arbitrary PHP code via the function and args parameters to admin/config.php.
Exploits (3)
1. exploitdb - working PoC, verified - by @0x00string (perl, webapps, php)
   https://www.exploit-db.com/exploits/32214
2. exploitdb - working PoC, verified - by Metasploit (ruby, remote, unix)
   https://www.exploit-db.com/exploits/32512
3. metasploit - working PoC, rank: excellent - by i-Hmx, 0x00string (ruby, poc, unix)
   https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/freepbx_config_exec.rb
References (12)
Scores
EPSS: 0.8450 (percentile: 99.3%)
Classification
CWE: CWE-264
Status: draft
Affected Products (4)
freepbx/freepbx
freepbx/freepbx
freepbx/freepbx
sangoma/freepbx
Timeline
Published: Feb 18, 2014
Tracked Since: Feb 18, 2026