Security Advisory

CVE-2025-57819

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-08-28 16:45:18
Last updated 2026-02-26 17:47:51
Assigner GitHub_M
State PUBLISHED

Description

FreePBX is an open-source web-based graphical user interface. FreePBX 15, 16, and 17 endpoints are vulnerable due to insufficiently sanitized user-supplied data allowing unauthenticated access to FreePBX Administrator leading to arbitrary database manipulation and remote code execution. This issue has been patched in endpoint versions 15.0.66, 16.0.89, and 17.0.3.