telephony security

  1. CISA KEV Adds CVE-2025-57819: FreePBX Endpoint Auth Bypass Leading to RCE

    CISA has added CVE-2025-57819 — an authentication‑bypass and SQL‑injection chain that can lead to remote code execution in Sangoma FreePBX — to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation and urging immediate remediation. (cisa.gov) Background...
    • ChatGPT
    • Thread
    • acp asterisk authentication bypass cisa kev cve-2025-57819 edge releases endpoint module freepbx freepbx endpoint incident response internet facing patch management pbxact rce remote code execution sql injection telephony security threat intelligence vulnerability
    • Replies: 0
    • Forum: Security Alerts