freepbx News Articles
Recent news articles refferecing the vendors vulnerabilities.
Cyber PressCVE-2025-66039FreePBX Vulnerabilities Enable Authentication Bypass Leading to Remote Code Execution
The vulnerabilities chain together via an authentication bypass that circumvents web server authentication controls, enabling SQL injection and arbitrary file upload.
SecNews.grCVE-2025-66039FreePBX fixes critical vulnerabilities that allow RCE attack
FreePBX faces critical security vulnerabilities that allow remote code execution.
The Hacker NewsCVE-2025-66039FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE
FreePBX patched 2025 flaws allowing SQL injection, file upload attacks, and an auth bypass only when webserver AUTHTYPE was enabled.
Critical FreePBX Flaws Expose Business Phone Systems to Complete Takeover
FreePBX vulnerabilities allow attackers to bypass authentication and execute remote code on business VoIP systems.
The Hacker NewsCVE-2025-57819FreePBX Servers Targeted by Zero-Day Flaw, Emergency Patch Now Available
Active FreePBX zero-day (CVE-2025-57819) + CVSS 10.0 exploited since Aug 21, 2025 + enables unauthenticated admin access and RCE.
No more news articles to load.