Medium severity6.8OSV Advisory· Published Oct 1, 2024· Updated Apr 15, 2026
CVE-2024-47071
CVE-2024-47071
Description
OSS Endpoint Manager is an endpoint manager module for FreePBX. OSS Endpoint Manager module activation can allow authenticated web users unauthorized access to read system files with the permissions of the webserver process. This vulnerability is fixed in 14.0.4.
Affected products
1- Range: release/1.9.9, release/13.0.1, release/13.0.2, …
Patches
24576029ba24bbad70ca3de21Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
2News mentions
0No linked articles in our index yet.