Unrated severityNVD Advisory· Published Dec 2, 2024· Updated Jan 14, 2025

CVE-2024-53564

Description

A vulnerability was discovered in FreePBX 17.0.19.17. It does not verify the type of uploaded (valid FreePBX module) files, allowing high-privilege administrators to insert unwanted files. NOTE: the Supplier's position is that there is no risk beyond what high-privilege administrators are intentionally allowed to do.

Affected products

Freepbx/Freepbxv5
Range: 17.0.19.17

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

gist.github.com/hyp164D1/490732de230edf97423f6d95b0d2f903mitre
gist.github.com/hyp164D1/d419bdf3e7e352088a21631d0f452a8cmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000