Earlier today, an important security update and notice has been released to address a potentially dangerous vulnerability for remote code execution without proper authentication. Please take some time to update your systems or your clients’.
Link to the article:
Taken off the link for a summary:
"We are blogging to inform you of a recently discovered security vulnerability reported yesterday in FreePBX Ticket 7123 (originally reported in ticket 7117 which is locked because of sensitive information). All FreePBX versions 2.9 and above are affected. You should immediately update your FreePBX Framework Module to secure your system from a potential attack."
Thank you FreePBX/Schmooze team for responsibly disclosing and keeping our systems safe.
Thank you and have a wonderful weekend.