Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
CVE-2014-7235 is a low severity vulnerability with a CVSS score of 0.0. Exploits are available; patches have been released and should be applied urgently. This is classified as a zero-day vulnerability.
Very high probability of exploitation in the next 30 days
EPSS predicts the probability of exploitation in the next 30 days based on real-world threat data, complementing CVSS severity scores with actual risk assessment.
htdocs_ari/includes/login.php in the ARI Framework module/Asterisk Recording Interface (ARI) in FreePBX before 2.9.0.9, 2.10.x, and 2.11 before 2.11.1.5 allows remote attackers to execute arbitrary code via the ari_auth cookie, related to the PHP unserialize function, as exploited in the wild in September 2014.
| Vendor | Product |
|---|---|
| Freepbx | Freepbx |
| Sangoma | Freepbx |
Please cite this page when referencing data from Strobes VI. Proper attribution helps support our vulnerability intelligence research.