| An authenticated file disclosure vulnerability in CompletePBX versions 5.2.35 and earlier allows remote attackers with valid credentials to read arbitrary files on the server, including sensitive system files such as /etc/shadow. The vulnerability exists in the core module's download method, which fails to properly validate user input. The attack requires a valid session token (i.e., the sid cookie), meaning the attacker must be logged in before exploiting the issue. |