CID Superfecta Cache: FREEI-3731 fix is broken

The security fix for CID Superfecta Cache that was pushed last week is broken. On FreePBX 14 it adds cache entries with number = 0 and callerid = :calledid. (You might see different behavior for “number”: mine hasn’t been changed to type VARCHAR yet.) The source for FreePBX 15 has the same errors. Obviously this was never tested before being committed. That’s a huge no-no.

I spent hours yesterday figuring out what is wrong. I’m currently working on a fix.

not upgrading is low risk. The exploit would require a chain of unlikely events.

1. An attacker knows you are using superfecta
2. An attacker knows your phone number
3. An attacker crafts a sql injection in to a caller id string that is actually useful
4. They know your IP address to access the system

Hi @bitbanger Please update to the latest superfecta and give try. We have pushed the fix today. thanks.

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.