PT-2015-5927 · Goautodial · Goautodial Goadmin Ce
Chris Mccurley · Published 2015-05-12 · Updated 2018-10-09
CVE-2015-2842
CVSS v2.0: 10 (High)
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
GoAutoDial GoAdmin CE versions 3.x before 3.3-1421902800
Description
The issue concerns an unrestricted file upload vulnerability in the audiostore (Voice Files) upload functionality. This vulnerability allows remote attackers to execute arbitrary code by uploading a file with an executable extension and then accessing it via a direct request to the file in sounds/.
Recommendations
For GoAutoDial GoAdmin CE versions 3.x before 3.3-1421902800, update to version 3.3-1421902800 or later to resolve the issue. As a temporary workaround, consider restricting access to the go audiostore.php file and the sounds/ directory to minimize the risk of exploitation. Avoid using the audiostore upload functionality until the issue is resolved.
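To check whether a sounds/ directory already holds anything other than audio, the following added example (not code from this advisory or from the GoAutoDial project) walks an upload directory and reports files that fail an extension allowlist or whose content is not RIFF/WAVE. The allowlist, the function names and the sample files are assumptions constructed for illustration.

```python
"""Audit a voice-file upload directory for files that are not audio."""
import os
import tempfile

# Assumption: audio types this deployment expects to store; adjust to local policy.
ALLOWED_EXT = {".wav", ".gsm", ".mp3"}


def looks_like_wav(head: bytes) -> bool:
    # A WAV file is a RIFF container: "RIFF", 4-byte size, then "WAVE".
    return len(head) >= 12 and head[:4] == b"RIFF" and head[8:12] == b"WAVE"


def audit_upload_dir(root: str) -> list[tuple[str, str]]:
    """Return (relative path, reason) for every file that needs review."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(files):
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            parts = name.lower().split(".")
            ext = "." + parts[-1] if len(parts) > 1 else ""
            if ext not in ALLOWED_EXT:
                findings.append((rel, "extension not in allowlist"))
            elif len(parts) > 2:
                # An inner suffix can still select a handler on some web servers.
                findings.append((rel, "multiple extensions"))
            elif ext == ".wav":
                with open(path, "rb") as fh:
                    if not looks_like_wav(fh.read(12)):
                        findings.append((rel, "content is not RIFF/WAVE"))
    return findings


def demo() -> list[tuple[str, str]]:
    # Constructed sample tree standing in for a sounds/ directory.
    wav = b"RIFF" + (36).to_bytes(4, "little") + b"WAVEfmt "
    samples = {
        "go_welcome.wav": wav,                       # valid header, single suffix
        "prompt.php": b"plain text, not audio",      # disallowed extension
        "notes.php.wav": wav,                        # inner suffix
        "greeting.WAV": b"plain text, not audio",    # audio name, wrong content
    }
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        return audit_upload_dir(root)


if __name__ == "__main__":
    for rel, reason in demo():
        print(f"{rel}: {reason}")
```

Only the WAV header is verified by content; files with the other allowed extensions pass on name alone and need a separate format check.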
Affected products
Goautodial Goadmin Ce