CVE-2019-15029

EPSS 12.3%

FusionPBX 4.4.8 allows an attacker to execute arbitrary system commands by submitting a malicious command to the service_edit.php file (which will insert the malicious command into the database). To trigger the command, one needs to call the services.php file via a GET request with the service id followed by the parameter a=start to execute the stored command.

Affected products

n/a · n/a

public PoCs found — 2

githubgithub.com/mhaskar/CVE-2019-15029★ 8 exploitdbwww.exploit-db.com/exploits/47358unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://drive.google.com/file/d/1bt08NSUaxu87LJJGdNd7LpvZ2uGauRK8/view?usp=sharing https://gist.github.com/mhaskar/7a6a804cd68c7fec4f9d1f5c3507900f https://shells.systems/fusionpbx-v4-4-8-authenticated-remote-code-execution-cve-2019-15029/