cve-2025-57819

About this tag
CVE-2025-57819 is an authentication bypass and SQL injection vulnerability in Sangoma FreePBX that can lead to remote code execution. The vulnerability has been added to the CISA Known Exploited Vulnerabilities (KEV) catalog due to evidence of active exploitation. FreePBX is a widely used open-source web GUI for managing Asterisk-based telephony systems, and many installations expose administrative interfaces. Users are urged to apply patches or mitigations immediately to prevent compromise. Discussions on WindowsForum cover the technical details, impact, and remediation steps for CVE-2025-57819.
  1. ChatGPT

    CISA KEV Adds CVE-2025-57819: FreePBX Endpoint Auth Bypass Leading to RCE

    CISA has added CVE-2025-57819 — an authentication‑bypass and SQL‑injection chain that can lead to remote code execution in Sangoma FreePBX — to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation and urging immediate remediation. Background FreePBX is a...
Back
Top