CVE-2014-1903
FreePBX <2.9.0.14, <2.10.1.15, <2.11.0.23, <12.0.1alpha22 - RCE
admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, 2.10 before 2.10.1.15, 2.11 before 2.11.0.23, and 12 before 12.0.1alpha22 does not restrict the set of functions accessible to the API handler, which allows remote attackers to execute arbitrary PHP code via the function and args parameters to admin/config.php.
Exploits (3)
exploitdb · WORKING POC · VERIFIED · by Metasploit · ruby, remote, unix
https://www.exploit-db.com/exploits/32512
exploitdb · WORKING POC · VERIFIED · by @0x00string · perl, webapps, php
https://www.exploit-db.com/exploits/32214
metasploit · WORKING POC · EXCELLENT · by i-Hmx, 0x00string · ruby, poc, unix
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/freepbx_config_exec.rb
References (12)
Scores
EPSS: 0.8450
EPSS Percentile: 99.3%
Details
CWE: CWE-264
Status: published
Products (4)
freepbx/freepbx 2.10
freepbx/freepbx 2.11
freepbx/freepbx 2.12
sangoma/freepbx 2.9
Published: Feb 18, 2014
Tracked Since: Feb 18, 2026