You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
freepbx endpoint
About this tag
The freepbx endpoint tag covers discussions about security vulnerabilities in Sangoma FreePBX, a web-based GUI for managing Asterisk telephony systems. Recent content highlights CVE-2025-57819, an authentication bypass and SQL injection chain leading to remote code execution, which CISA added to its Known Exploited Vulnerabilities catalog due to active exploitation. Topics include endpoint security, patch management, and remediation steps for exposed administrative interfaces. This tag is relevant for IT administrators and security professionals managing FreePBX deployments.
CISA has added CVE-2025-57819 — an authentication‑bypass and SQL‑injection chain that can lead to remote code execution in Sangoma FreePBX — to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation and urging immediate remediation. Background
FreePBX is a...