CVE-2025-55211

FreePBX is an open-source web-based graphical user interface. From 17.0.19.11 to before 17.0.21, authenticated users of the Administrator Control Panel ACP can run arbitrary shell commands by maliciously changing languages of the framework module. This vulnerability is fixed in 17.0.21...

CVE-2025-55211

FreePBX is an open-source web-based graphical user interface. From 17.0.19.11 to before 17.0.21, authenticated users of the Administrator Control Panel ACP can run arbitrary shell commands by maliciously changing languages of the framework module. This vulnerability is fixed in 17.0.21...

FreePBX 操作系统命令注入漏洞

FreePBX formerly known as Asterisk Management Portal is a set of tools from the FreePBX project for configuring Asterisk IP telephony system via a GUI web-based graphical interface. An operating system command injection vulnerability exists in FreePBX version 17.0.19.11 through versions prior to...

Malicious Package

Overview klook-node-framework-language is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Note: This malicious package was...