I love articles like these. The ones where they tell you have a huge vulnerability but then they don’t tell you what that vulnerability is, what version of Asterisk/FreePBX this impacts and what version has the patch to fix it.
Despite both articles coming from the same source, one claims Asterisk/FreePBX and the other just claims Asterisk. One claims there was a patch released for this vulnerability but the other has no mention of the patch.
Articles like these are click bait as far as I’m concerned because they do nothing but tell you that you could be exposed to being compromised but give you no actionable information on how to resolve or mitigate the issue. Very helpful.