We have been informed of increased activity amongst hackers trying to exploit the CVE-2012-4869 vulnerability in the platform, which lets them use the PBX Web interface to run their own code inside the PBX. This illegal access allows the hackers to steal user names and passwords and then create a “legitimate” connection to the PBX. This vulnerability is present in all systems running versions 2.10 or lower.
If any of your customers has a system with the Web interface exposed to the Internet we highly recommend to stop exposing it immediately. If remote access is required, a VPN or SSH tunneling may be used.
With respect to the Xorcom PBX appliances, the affected versions are installed on Elastix-based servers running v.2.4 and older. So, for customers who insist that the PBX Web interface be accessible from the Internet, the servers must be upgraded to the latest Elastix 2.5 version.
Share this story with your friends or work colleagues. If you want to stay up to date with our latest products, industry news and offers you can sign up to our monthly newsletters, keep up to date with us on Facebook or follow us on twitter @VoIPon.
