I am sure you already know about this. But I though I would let you know just incase. It is more or less important for Nethvoice. You can pass it on.
I received a email from Free PBX see below -
Valued customer,
We want to make you aware of a security issue affecting FreePBX and PBXact systems, where the Admin Interface (aka Admin Panel, Web Admin Portal, Web GUI, Administrator Control Panel) is vulnerable to unauthorized access from outside actors via the public internet.
Why this matters
Systems left exposed may be at risk of unauthorized access or service disruption.
What you need to do immediately
-
Restrict Admin Panel access so it is only available from trusted IPs. The easiest way to do this is through the FreePBX Firewall module.
-
Do not leave the Admin interface open to the internet.
Fix availability
-
A patch with a confirmed fix has been released to the EDGE repository.
-
The patch will be promoted to the stable release channel within 36 hours. Systems set up for automatic security updates will be updated with no further action. Ensure that your system has this feature enabled, or manually download the security update upon its release.
-
If you want the fix now, run the appropriate below command to download the EDGE fix:
-
FreePBX v16/v17:
$ fwconsole ma downloadinstall endpoint --edge
- PBXact v16:
$ fwconsole ma downloadinstall endpoint --tag 16.0.88.19
- PBXact v17:
$ fwconsole ma downloadinstall endpoint --tag 17.0.2.31
Stay up to date
Keep up to date on this issue by visiting the FreePBX community forum, where current information on this issue is available: https://community.freepbx.org/.
Thank you for acting quickly to secure your system.