CVE-2019-11410
Published
CVSS v3
N/A
CVSS v2
9
HIGH
Affected
1
PROJECT
Description
app/backup/index.php in the Backup Module in FusionPBX 4.4.3 suffers from a command injection vulnerability due to a lack of input validation, which allows authenticated administrative attackers to execute commands on the host.
Official FusionPBX - A full-featured domain based multi-tenant PBX and voice switch for FreeSwitch.
GitHub