CVE-2007-2350

NONE EPSS 81.0%
Published Apr 30, 200719y ago · Modified Jun 16, 20262w ago
Find Similar
Published Apr 30, 2007 19y ago
Last Modified Jun 16, 2026 2w ago

Description

admin/config.php in the music-on-hold module in freePBX 2.2.x allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the del parameter.

Threat Intelligence

EPSS Exploit Probability
81.0% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Affected Products 1

VendorProductVersionRange
freepbxfreepbx* ≤2.2.1

References 5

  • lists.grok.org.uk http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053915.html
    Exploit
  • osvdb.org http://osvdb.org/35316
  • secunia.com http://secunia.com/advisories/24935
    Vendor Advisory
  • securityreason.com http://securityreason.com/securityalert/2652
  • vupen.com http://www.vupen.com/english/advisories/2007/1535

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.