You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
endpoint module
About this tag
The endpoint module tag on WindowsForum.com covers discussions about vulnerabilities and security issues related to endpoint modules in telephony and communication systems. Recent content highlights CVE-2025-57819, an authentication bypass and SQL injection chain in Sangoma FreePBX's endpoint module that can lead to remote code execution. This vulnerability has been added to CISA's Known Exploited Vulnerabilities catalog due to active exploitation. The tag focuses on endpoint module security, including authentication mechanisms, SQL injection risks, and remote code execution threats in systems like FreePBX and Asterisk-based telephony platforms.
CISA has added CVE-2025-57819 — an authentication‑bypass and SQL‑injection chain that can lead to remote code execution in Sangoma FreePBX — to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation and urging immediate remediation. Background
FreePBX is a...