FreePBX vulnerabilities

Just saw this Secunia advisory - if you have http open to your asterisk system managed by FreePBX, 1st off you are stupid, 2nd, you may have a new vulnerability. Luckily FreePBX has provided updates to fix this (update all your modules), but you are still best not giving any public access to your PBX.