CVE-2025-57819

Published Aug 28, 2025

Last updated 9 days ago

Exploit knownCVSS critical 10.0
FreePBX

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-57819 is a security vulnerability affecting FreePBX, an open-source web-based graphical user interface used for managing Asterisk PBX systems. The vulnerability exists in versions 15, 16, and 17. It stems from insufficient sanitization of user-supplied data, which allows unauthenticated attackers to access the FreePBX Administrator interface. Successful exploitation of CVE-2025-57819 can lead to arbitrary database manipulation and remote code execution (RCE). Patches have been released to address this vulnerability in endpoint versions 15.0.66, 16.0.89, and 17.0.3.

Description
FreePBX is an open-source web-based graphical user interface. FreePBX 15, 16, and 17 endpoints are vulnerable due to insufficiently sanitized user-supplied data allowing unauthenticated access to FreePBX Administrator leading to arbitrary database manipulation and remote code execution. This issue has been patched in endpoint versions 15.0.66, 16.0.89, and 17.0.3.
Source
security-advisories@github.com
NVD status
Awaiting Analysis

Risk scores

CVSS 4.0

Type
Secondary
Base score
10
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity
CRITICAL

Known exploits

Data from CISA

Vulnerability name
Sangoma FreePBX Authentication Bypass Vulnerability
Exploit added on
Aug 29, 2025
Exploit action due
Sep 19, 2025
Required action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Weaknesses

security-advisories@github.com
CWE-89

Social media

Hype score
Not currently trending

  1. CVE-2025-57819 Sangoma FreePBX contains an authentication bypass vulnerability due to insufficiently sanitized user-supplied data allows unauthenticated access to FreePBX Administrator leading to arbitrary database manipulation and remote code execution.

    @ZeroDayFacts

    7 Sept 2025

    55 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. Actively exploited CVE : CVE-2025-57819

    @transilienceai

    6 Sept 2025

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  3. 🚨Critical FreePBX zero-day (CVE-2025-57819) with CVSS 10 allows unauthenticated remote code execution & DB manipulation. Exploited in the wild! Patch now: 15.0.66, 16.0.89, 17.0.3 👉Details & mitigation → https://t.co/5OcbsUvr4F https://t.co/DrNYtdV3MA

    @rapidriskradar

    3 Sept 2025

    41 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. Sangoma Patches Critical Zero-Day Exploited to Hack FreePBX Servers [CVE-2025-57819 - CVSS score of 10/10] - https://t.co/PMNIfTlZ4u

    @SecurityWeek

    2 Sept 2025

    1852 Impressions

    4 Retweets

    8 Likes

    1 Bookmark

    1 Reply

    1 Quote

  5. 🛡️ Cyber Threat Digest – 2025-09-02 KEV: CVE-2025-57819 — Sangoma FreePBX Authentication Bypass NVD: No NVD News: Pennsylvania AG Office says ransomware attack… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv

    @dpharristech

    2 Sept 2025

    4 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. 🛡️ Cyber Threat Digest – 2025-09-01 KEV: CVE-2025-57819 — Sangoma FreePBX Authentication Bypass NVD: No NVD News: Brokewell Android malware delivered through fake… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv

    @dpharristech

    1 Sept 2025

    10 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. CISAが既知の脆弱性1件をカタログに追加 CISA Adds One Known Exploited Vulnerability to Catalog #CISA (Aug 29) CVE-2025-57819 Sangoma FreePBX 認証バイパスの脆弱性 https://t.co/wctBx4B39X

    @foxbook

    31 Aug 2025

    213 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. 🛡️ Cyber Threat Digest – 2025-08-31 KEV: CVE-2025-57819 — Sangoma FreePBX Authentication Bypass NVD: CVE-2005-10004 — Cacti versions prior to News: OpenAI is testing "Thinking effort" for… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv

    @dpharristech

    31 Aug 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. FreePBX CVE-2025-57819 (CVSS 10.0) incidents: 6620 unpatched instances seen 2025-08-29, at least 386 compromised. Dashboard links: Vulnerable (unpatched): https://t.co/rbUGWLZQe4 Compromised: https://t.co/MCmXiOB0qI Check for compromise, patch - https://t.co/acH146DX7G http

    @Shadowserver

    30 Aug 2025

    5857 Impressions

    20 Retweets

    40 Likes

    20 Bookmarks

    1 Reply

    0 Quotes

  10. FreePBX zero-day (CVE-2025-57819) is under active attack—RCE through exposed admin panels, root access possible. Patch immediately, restrict access now.

    @huseyin_yu46083

    30 Aug 2025

    4 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. 🛡️ Cyber Threat Digest – 2025-08-30 KEV: CVE-2025-57819 — Sangoma FreePBX Authentication Bypass NVD: CVE-2025-9649 — security vulnerability has been News: Windows 11 KB5064081 update clears up… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv

    @dpharristech

    30 Aug 2025

    2 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  12. 🚨 @CISACyber adds CVE-2025-57819 (Sangoma FreePBX auth bypass) to KEV catalog. Actively exploited ⚠️ - BOD 22-01 requires FCEB remediation - Urged for all orgs to patch quickly How fast does your team patch KEV-listed CVEs? ⏱️ Follow @Technadu for cyber alerts 🔐

    @TechNadu

    30 Aug 2025

    111 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  13. FreePBX zero-day (CVE-2025-57819) is under active attack—RCE through exposed admin panels, root access possible. Patch immediately, restrict access now. Read the full article: https://t.co/rAd00UWcqD #Cybersecurity #VoIP #FreePBX #ZeroDay #PatchNow https://t.co/ZZAGyhUTDY

    @securitydailyr

    30 Aug 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. 🛡️ Watch out! CISA flags CVE-2025-57819 in FreePBX—a sneaky auth-bypass leading to remote chaos! Time to patch those vulnerabilities before your PBX turns into a PB-EX! 😂 #Cybersecurity #FreePBX #CVE2025 https://t.co/ndw1rc16yV

    @windowsforum

    29 Aug 2025

    42 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  15. Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2025-57819 #Sangoma #FreePBX Authentication Bypass Vulnerability https://t.co/PusRXUbihm

    @ScyScan

    29 Aug 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  16. Critical zero-day CVE-2025-57819 targets FreePBX versions 15-17, enabling unauthorized access and remote code execution. Exploits active since Aug 21, 2025, through poor access controls. #VoIPSecurity #RemoteExploit #USA https://t.co/qqP201XGa5

    @TweetThreatNews

    29 Aug 2025

    26 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  17. Actively Exploited Zero-Day in FreePBX CVE-2025-57819 (CVSS 10.0) allows unauthenticated attackers to gain admin access and execute remote code on exposed systems. Impacts versions < 15.0.66, 16.0.89, 17.0.3. Patch now available. Update immediately. #CyberSecurity #ZeroDay

    @CloneSystemsInc

    29 Aug 2025

    54 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  18. 🚨 Vulnerabilidad crítica en FreePBX FreePBX es una plataforma de centralita privada (PBX) de código abierto utilizada por empresas para gestionar las comunicaciones de voz. Está basada en Asterisk ⚠️ CVE-2025-57819 https://t.co/TXXZa3yxEL https://t.co/xMdfE4jAaq

    @elhackernet

    29 Aug 2025

    4032 Impressions

    17 Retweets

    54 Likes

    18 Bookmarks

    0 Replies

    0 Quotes

  19. csirt_it: ‼️#Exploited #FreePBX: rilevato lo sfruttamento attivo della vulnerabilità 0-day CVE-2025-57819, di tipo #RCE Rischio: 🔴 Tipologia 🔸 Remote Code Execution 🔗https://t.co/pQubveMmoc 🔄 Aggiornamenti disponibili 🔄 https://t.co/vnlfMHfYeU

    @Vulcanux_

    29 Aug 2025

    39 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  20. ‼️#Exploited #FreePBX: rilevato lo sfruttamento attivo della vulnerabilità 0-day CVE-2025-57819, di tipo #RCE Rischio: 🔴 Tipologia 🔸 Remote Code Execution 🔗https://t.co/CmkwGjcwv4 🔄 Aggiornamenti disponibili 🔄 https://t.co/jFs1Y1nu42

    @csirt_it

    29 Aug 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  21. 🚨🚨CVE-2025-57819 (CVSS: 10) hits FreePBX hard! Unauthenticated attackers can bypass security, unleash SQL injection, and execute remote code to fully control systems. Search by vul.cve Filter👉vul.cve="CVE-2025-57819" ZoomEye Dork👉app="FreePBX" Over 85.9k vulnerable

    @zoomeye_team

    29 Aug 2025

    1215 Impressions

    4 Retweets

    21 Likes

    6 Bookmarks

    0 Replies

    0 Quotes

  22. 🚨 Critical FreePBX Vulnerability (CVE-2025-57819) Exploited in the Wild - A CVSSv4 10.0 vulnerability in Sangoma FreePBX (versions 15, 16, 17) allows unauthenticated attackers to bypass login protections, manipulate databases, and achieve remote code execution (RCE). - ht

    @Ransom_DB

    29 Aug 2025

    228 Impressions

    0 Retweets

    0 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  23. 📢 Check out our latest blog post: Zero-day CVE-2025-57819 is under active attack—learn how to patch FreePBX now and prevent remote code execution before hackers strike. Read it here → https://t.co/5mRg48zy4k Let us know your thoughts!

    @PurpleOps_io

    29 Aug 2025

    59 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  24. CVE-2025-57819: Auth Bypass in FreePBX Administrator, 10.0 rating 🔥🔥🔥 A critical 0-day vuln in FreePBX could allow an attacker to perform SQLi and RCE. Exploitation has already been observed in the wild! Search at https://t.co/hv7QKSqxTR: 👉 Link: https://t.co/tYMjnm

    @Netlas_io

    29 Aug 2025

    681 Impressions

    3 Retweets

    9 Likes

    2 Bookmarks

    1 Reply

    0 Quotes

  25. 🚨Patch now‼️ Sangoma FreePBX Security Team has released a patch for a 0-day vulnerability (CVE-2025-57819) affecting publicly exposed FreePBX Administrator Control Panels. Vulnerability has been exploited since August 21. More info: https://t.co/LDaNIThym5 https://t.co

    @H4ckmanac

    29 Aug 2025

    3923 Impressions

    11 Retweets

    12 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

  26. 🚨 CRITICAL: FreePBX security-reporting SQL injection (CVE-2025-57819) allows unauthenticated RCE & DB manipulation. Patch now if running <15.0.66, <16.0.89, <17.0.3! 🔒 https://t.co/uFqMkdfb70 #OffSeq #FreePBX ... https://t.co/yexyOFvOgY

    @offseq

    29 Aug 2025

    73 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  27. CVE-2025-57819 FreePBX is an open-source web-based graphical user interface. FreePBX 15, 16, and 17 endpoints are vulnerable due to insufficiently sanitized user-supplied data allow… https://t.co/TbrQFBFcSD

    @CVEnew

    28 Aug 2025

    30 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  28. [CVE-2025-57819: CRITICAL] FreePBX 15, 16, and 17 endpoints contain critical vulnerabilities allowing unauthenticated access to the administrator, leading to arbitrary database manipulation and remote code e...#cve,CVE-2025-57819,#cybersecurity https://t.co/XKMWQHlJbO https://t.c

    @CveFindCom

    28 Aug 2025

    84 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.