Intrusion Prevention

FusionPBX.Operator.Panel.exec.php.Command.Execution

Description

This indicates an attack attempt to exploit a Remote Command Execution Vulnerability in FusionPBX.
An authenticated remote attacker could exploit this vulnerability by sending a maliciously crafted HTTP request. Successful exploitation could result in the execution of arbitrary code in the security context of the targeted system.

Affected Products

FusionPBX version 4.4.1

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Currently we are unaware of any vendor supplied patch for this issue.

CVE References

CVE-2019-11409