EUVD-2010-3488

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Directory traversal vulnerability in FreePBX 2.8.0 allows remote admins to create arbitrary files

Reporter	Title	Published	Views	Family All 15
0day.today	FreePBX <= 2.8.0 Recordings Interface Allows Remote Code Execution	25 Sep 201000:00	–	zdt
Circl	CVE-2010-3490	24 Sep 201000:00	–	circl
Check Point Advisories	FreePBX Recording Interface File Upload Code Execution (CVE-2010-3490)	3 Nov 201000:00	–	checkpoint_advisories
CVE	CVE-2010-3490	28 Sep 201017:00	–	cve
Cvelist	CVE-2010-3490	28 Sep 201017:00	–	cvelist
Exploit DB	FreePBX 2.8.0 - Recordings Interface Allows Remote Code Execution	24 Sep 201000:00	–	exploitdb
exploitpack	FreePBX 2.8.0 - Recordings Interface Allows Remote Code Execution	24 Sep 201000:00	–	exploitpack
NVD	CVE-2010-3490	28 Sep 201018:00	–	nvd
OpenVAS	FreePBX System Recordings Menu Arbitrary File Upload Vulnerability	3 Nov 201000:00	–	openvas
OpenVAS	FreePBX <= 2.8.0 Arbitrary File Upload Vulnerability	3 Nov 201000:00	–	openvas

[
  {
    "enisaIdVendor": [
      {
        "id": "1b42354d-f993-338a-809b-42f5f4472244",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "2d71b99c-11e1-3b0b-adb8-c22ada2346f7",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/cve/CVE-2010-3490
trustwave	www.trustwave.com/spiderlabs/advisories/TWSL2010-005.txt
securityfocus	www.securityfocus.com/archive/1/513947/100/0/threaded
securityfocus	www.securityfocus.com/bid/43454
freepbx	www.freepbx.org/trac/ticket/4553
exploit-db	www.exploit-db.com/exploits/15098
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

6.1Medium risk

Vulners AI Score6.1

CVSS 26.5

EPSS0.08967