CVE-2020-21055
Published
CVSS v3
6.5
MEDIUM
CVSS v2
4
MEDIUM
Affected
1
PROJECT
Description
A Directory Traversal vulnerability exists in FusionPBX 4.5.7 allows malicoius users to rename any file of the system.via the (1) folder, (2) filename, and (3) newfilename variables in app\edit\filerename.php.
Official FusionPBX - A full-featured domain based multi-tenant PBX and voice switch for FreeSwitch.
GitHub