10 matches found
CVE-2026-28209
FreePBX is an open source IP PBX. From versions 16.0.17.2 to before 16.0.20 and from version 17.0.2.4 to before 17.0.5, a command injection vulnerability exists in FreePBX when using the ElevenLabs Text-to-Speech TTS engine in the recordings module. This issue has been patched in versions 16.0.20...
CVE-2026-28287
FreePBX is an open source IP PBX. From versions 16.0.17.2 to before 16.0.20 and from version 17.0.2.4 to before 17.0.5, multiple command injection vulnerabilities exist in the recordings module. This issue has been patched in versions 16.0.20 and 17.0.5...
EUVD-2026-9862
FreePBX is an open source IP PBX. From versions 16.0.17.2 to before 16.0.20 and from version 17.0.2.4 to before 17.0.5, multiple command injection vulnerabilities exist in the recordings module. This issue has been patched in versions 16.0.20 and 17.0.5...
CVE-2026-28287 FreePBX: Authenticated Remote Code Execution via Recordings Module AJAX Endpoints
FreePBX is an open source IP PBX. From versions 16.0.17.2 to before 16.0.20 and from version 17.0.2.4 to before 17.0.5, multiple command injection vulnerabilities exist in the recordings module. This issue has been patched in versions 16.0.20 and 17.0.5...
CVE-2026-28287
FreePBX is an open source IP PBX. From versions 16.0.17.2 to before 16.0.20 and from version 17.0.2.4 to before 17.0.5, multiple command injection vulnerabilities exist in the recordings module. This issue has been patched in versions 16.0.20 and 17.0.5...
CVE-2026-28209
FreePBX is an open source IP PBX. From versions 16.0.17.2 to before 16.0.20 and from version 17.0.2.4 to before 17.0.5, a command injection vulnerability exists in FreePBX when using the ElevenLabs Text-to-Speech TTS engine in the recordings module. This issue has been patched in versions 16.0.20...
CVE-2026-28209 FreePBX: Command Injection leading to Remote Code Execution in FreePBX ElevenLabs Text-to-Speech integration
FreePBX is an open source IP PBX. From versions 16.0.17.2 to before 16.0.20 and from version 17.0.2.4 to before 17.0.5, a command injection vulnerability exists in FreePBX when using the ElevenLabs Text-to-Speech TTS engine in the recordings module. This issue has been patched in versions 16.0.20...
PT-2026-23489
Name of the Vulnerable Software and Affected Versions FreePBX versions 16.0.17.2 through 16.0.20 FreePBX versions 17.0.2.4 through 17.0.5 Description FreePBX, an open source IP PBX, contains a command injection issue within the recordings module when utilizing the ElevenLabs Text-to-Speech TTS...
PT-2026-23492
Name of the Vulnerable Software and Affected Versions FreePBX versions 16.0.17.2 through 16.0.19 FreePBX versions 17.0.2.4 through 17.0.4 Description FreePBX is an open source IP PBX. Multiple command injection vulnerabilities exist in the recordings module. These issues have been addressed in...
FreePBX 操作系统命令注入漏洞
FreePBX is a set of tools from the FreePBX project that allow configuration of Asterisk an IP telephony system through a GUI graphical web-based interface. Versions of FreePBX prior to 16.0.17.2 and 16.0.20, as well as versions from 17.0.2.4 to 17.0.5, have a vulnerability related to operating...