FreePBX Recordings Backdoor Upload

Added: 10/14/2016

Background

FreePBX is a web-based, open-source graphical user interface for managing Asterisk, an open-source communication server. Its System Recordings module manages and plays back the audio recordings used by the PBX.

Problem

The System Recordings module in FreePBX 13 and 14 fails to require authentication for certain Ajax requests that handle files. An unauthenticated remote attacker can use them to upload a file to the PBX and execute commands, with privilege escalation on the host. Recordings module versions from 13.0.1beta1 (August 2015) through 13.0.26 (August 2016) are affected.

Resolution

Upgrade the System Recordings module to version 13.0.27 or later. If you cannot upgrade, do not expose the Admin interface to the internet; restrict it to trusted networks.
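The check a practitioner would run before and after upgrading, as an added example (not code from this advisory or from the FreePBX project): a POSIX sh script that reads the output of "fwconsole ma list" and reports whether the installed recordings module is below 13.0.27. It assumes the FreePBX 13 table layout of that command (Module, Version and Status columns separated by "|"); the module listing embedded in the script is a constructed sample, not captured output.

```shell
#!/bin/sh
# Added example (not part of this advisory or of the FreePBX project):
# report whether the installed System Recordings module is below the fixed
# version 13.0.27, as reported by `fwconsole ma list` on FreePBX 13.
# Assumption: `fwconsole ma list` prints a table with Module, Version and
# Status columns separated by '|'. The sample below is constructed.

SAMPLE_MA_LIST='+----------------+-----------+---------+
| Module         | Version   | Status  |
+----------------+-----------+---------+
| core           | 13.0.100  | Enabled |
| recordings     | 13.0.26   | Enabled |
+----------------+-----------+---------+'

FIXED_RECORDINGS_VERSION=13.0.27

# module_version NAME: read `fwconsole ma list` output on stdin and print
# the version of module NAME (prints nothing if the module is not listed).
module_version() {
    awk -v mod="$1" -F'|' '
        $2 ~ ("^ *" mod " *$") { gsub(/ /, "", $3); print $3 }
    '
}

# version_lt A B: exit 0 if dotted version A is strictly lower than B.
# Components are compared numerically; a suffix such as "beta1" in
# 13.0.1beta1 is dropped by awk's numeric coercion ("1beta1" -> 1).
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        k = (n > m) ? n : m
        for (i = 1; i <= k; i++) {
            p = x[i] + 0; q = y[i] + 0
            if (p < q) exit 0
            if (p > q) exit 1
        }
        exit 1   # equal versions are not "less than"
    }'
}

# recordings_vulnerable MA_LIST_OUTPUT: exit 0 if the recordings module is
# installed at a version below 13.0.27, 1 if it is patched, 2 if it is
# not installed at all.
recordings_vulnerable() {
    ver=$(printf '%s\n' "$1" | module_version recordings)
    [ -n "$ver" ] || return 2
    version_lt "$ver" "$FIXED_RECORDINGS_VERSION"
}

# Stand-alone run against the constructed sample. On a live FreePBX 13 host,
# pass "$(fwconsole ma list)" (run as root) instead of "$SAMPLE_MA_LIST",
# and fix a vulnerable install with: fwconsole ma upgrade recordings
if recordings_vulnerable "$SAMPLE_MA_LIST"; then
    echo "recordings module is below $FIXED_RECORDINGS_VERSION: upgrade it"
fi
```

The version comparison is done in awk rather than with "sort -V" so the script also runs on hosts whose sort lacks that GNU extension; the beta suffix of the first affected release (13.0.1beta1) is handled by comparing only the numeric prefix of each component.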

References

https://www.exploit-db.com/exploits/40232/
http://wiki.freepbx.org/display/FOP/2016-08-09+CVE+Remote+Command+Execution+with+Privileged+Escalation

Limitations

Exploit works on FreePBX 10.13.66.