Thank you for your advice.
As I stated in my post I DO NOT use Elastix nor do I have a2billing installed. It is a FreePBX distro.
I'm quite aware of the holes existing in Elastix and seldom use it for totally locked systems from the outside world.
Since it is a small business, I installed a few weeks ago VtigerCRM on the same machine with Asterisk Integration.Could it be there the vulnerability comes from?