module
FusionPBX Command exec.php Command Execution
| Disclosed |
|---|
| 2019-11-02 |
Disclosed
2019-11-02
Description
This module uses administrative functionality available in FusionPBX
to gain a shell.
The Command section of the application permits users with `exec_view`
permissions, or superadmin permissions, to execute arbitrary system
commands, or arbitrary PHP code, as the web server user.
This module has been tested successfully on FusionPBX version
4.4.1 on Ubuntu 19.04 (x64).
to gain a shell.
The Command section of the application permits users with `exec_view`
permissions, or superadmin permissions, to execute arbitrary system
commands, or arbitrary PHP code, as the web server user.
This module has been tested successfully on FusionPBX version
4.4.1 on Ubuntu 19.04 (x64).
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.