AI description
CVE-2025-57819 is a security vulnerability affecting FreePBX, an open-source web-based graphical user interface used for managing Asterisk PBX systems. The vulnerability exists in versions 15, 16, and 17. It stems from insufficient sanitization of user-supplied data, which allows unauthenticated attackers to access the FreePBX Administrator interface. Successful exploitation of CVE-2025-57819 can lead to arbitrary database manipulation and remote code execution (RCE). Patches have been released to address this vulnerability in endpoint versions 15.0.66, 16.0.89, and 17.0.3.
- Description
- FreePBX is an open-source web-based graphical user interface. FreePBX 15, 16, and 17 endpoints are vulnerable due to insufficiently sanitized user-supplied data allowing unauthenticated access to FreePBX Administrator leading to arbitrary database manipulation and remote code execution. This issue has been patched in endpoint versions 15.0.66, 16.0.89, and 17.0.3.
- Source
- security-advisories@github.com
- NVD status
- Analyzed
- Products
- freepbx
CVSS 4.0
- Type
- Secondary
- Base score
- 10
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- CRITICAL
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- Sangoma FreePBX Authentication Bypass Vulnerability
- Exploit added on
- Aug 29, 2025
- Exploit action due
- Sep 19, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- security-advisories@github.com
- CWE-89
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
23
Unauthenticated SQL injection leading to RCE in FreePBX Endpoint (CVE-2025-57819) https://t.co/dvPIYaPnMJ Credits @watchtowrcyber #infosec https://t.co/d677TUzroK
@0xor0ne
26 Oct 2025
13066 Impressions
31 Retweets
225 Likes
89 Bookmarks
0 Replies
2 Quotes
🚨 FreePBX critical SQL injection chains to RCE (CVE-2025-57819). The cron_jobs API lacks input validation—attackers execute arbitrary SQL then inject PHP payloads into cron tables for persistent access. SANS ISC confirmed active exploitation in the wild. Intelligence Source
@the_c_protocol
9 Oct 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 FreePBX has a critical SQL injection that chains to RCE (CVE-2025-57819). The cron_jobs API endpoint doesn't validate input, letting unauthenticated attackers execute arbitrary SQL—then leverage that to run system commands. SANS ISC confirmed active exploitation attempts
@the_c_protocol
8 Oct 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#VulnerabilityReport #CVE202557819 CRITICAL Zero-Day CVE-2025-57819 in FreePBX Is Under Active Attack (CVSS 10.0) https://t.co/NgxgpNwtMN
@Komodosec
5 Oct 2025
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Unauthenticated RCE exploit targeting FreePBX Endpoint module (CVE-2025-57819) via SQL injection. https://t.co/dvPIYaPnMJ Credits @watchtowrcyber #infosec https://t.co/nHFWe0BIRn
@0xor0ne
29 Sept 2025
11508 Impressions
42 Retweets
220 Likes
63 Bookmarks
4 Replies
0 Quotes
CVE-2025-57819 Sangoma FreePBX contains an authentication bypass vulnerability due to insufficiently sanitized user-supplied data allows unauthenticated access to FreePBX Administrator leading to arbitrary database manipulation and remote code execution.
@ZeroDayFacts
23 Sept 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical FreePBX Authentication Bypass Under Active Exploitation (🧵Thread) The CrowdSec Network has detected active exploitation attempts targeting CVE-2025-57819, a critical authentication bypass vulnerability in FreePBX open-source phone systems. This vulnerability ena
@Crowd_Security
22 Sept 2025
365 Impressions
0 Retweets
2 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 FreePBX SQLi & RCE (CVE-2025-57819) — v1.1.0 Read-only checker: multi-host scans (-L), per-host JSON → out/, vulnerable.txt, and --delay (default 1.5s). Proxy-friendly (Burp/ZAP). Only test systems you own/are authorized to. 🔗 https://t.co/BijhUn4fjA
@mr_V4nd3r
19 Sept 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
ring ring... who is it? a bucket of sand to bury your head in. Join us today on our journey through FreePBX's CVE-2025-57819, as we chain unusual behaviour to demonstrate the auth bypass, to SQLi, to RCE, used in-the-wild. https://t.co/02BoDnDPct
@watchtowrcyber
10 Sept 2025
67505 Impressions
43 Retweets
150 Likes
91 Bookmarks
8 Replies
3 Quotes
CVE-2025-57819 Sangoma FreePBX contains an authentication bypass vulnerability due to insufficiently sanitized user-supplied data allows unauthenticated access to FreePBX Administrator leading to arbitrary database manipulation and remote code execution.
@ZeroDayFacts
7 Sept 2025
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-57819
@transilienceai
6 Sept 2025
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨Critical FreePBX zero-day (CVE-2025-57819) with CVSS 10 allows unauthenticated remote code execution & DB manipulation. Exploited in the wild! Patch now: 15.0.66, 16.0.89, 17.0.3 👉Details & mitigation → https://t.co/5OcbsUvr4F https://t.co/DrNYtdV3MA
@rapidriskradar
3 Sept 2025
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Sangoma Patches Critical Zero-Day Exploited to Hack FreePBX Servers [CVE-2025-57819 - CVSS score of 10/10] - https://t.co/PMNIfTlZ4u
@SecurityWeek
2 Sept 2025
1852 Impressions
4 Retweets
8 Likes
1 Bookmark
1 Reply
1 Quote
🛡️ Cyber Threat Digest – 2025-09-02 KEV: CVE-2025-57819 — Sangoma FreePBX Authentication Bypass NVD: No NVD News: Pennsylvania AG Office says ransomware attack… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
2 Sept 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-09-01 KEV: CVE-2025-57819 — Sangoma FreePBX Authentication Bypass NVD: No NVD News: Brokewell Android malware delivered through fake… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
1 Sept 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISAが既知の脆弱性1件をカタログに追加 CISA Adds One Known Exploited Vulnerability to Catalog #CISA (Aug 29) CVE-2025-57819 Sangoma FreePBX 認証バイパスの脆弱性 https://t.co/wctBx4B39X
@foxbook
31 Aug 2025
213 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-08-31 KEV: CVE-2025-57819 — Sangoma FreePBX Authentication Bypass NVD: CVE-2005-10004 — Cacti versions prior to News: OpenAI is testing "Thinking effort" for… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
31 Aug 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
FreePBX CVE-2025-57819 (CVSS 10.0) incidents: 6620 unpatched instances seen 2025-08-29, at least 386 compromised. Dashboard links: Vulnerable (unpatched): https://t.co/rbUGWLZQe4 Compromised: https://t.co/MCmXiOB0qI Check for compromise, patch - https://t.co/acH146DX7G http
@Shadowserver
30 Aug 2025
5857 Impressions
20 Retweets
40 Likes
20 Bookmarks
1 Reply
0 Quotes
FreePBX zero-day (CVE-2025-57819) is under active attack—RCE through exposed admin panels, root access possible. Patch immediately, restrict access now.
@huseyin_yu46083
30 Aug 2025
4 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-08-30 KEV: CVE-2025-57819 — Sangoma FreePBX Authentication Bypass NVD: CVE-2025-9649 — security vulnerability has been News: Windows 11 KB5064081 update clears up… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
30 Aug 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 @CISACyber adds CVE-2025-57819 (Sangoma FreePBX auth bypass) to KEV catalog. Actively exploited ⚠️ - BOD 22-01 requires FCEB remediation - Urged for all orgs to patch quickly How fast does your team patch KEV-listed CVEs? ⏱️ Follow @Technadu for cyber alerts 🔐
@TechNadu
30 Aug 2025
111 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
FreePBX zero-day (CVE-2025-57819) is under active attack—RCE through exposed admin panels, root access possible. Patch immediately, restrict access now. Read the full article: https://t.co/rAd00UWcqD #Cybersecurity #VoIP #FreePBX #ZeroDay #PatchNow https://t.co/ZZAGyhUTDY
@securitydailyr
30 Aug 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Watch out! CISA flags CVE-2025-57819 in FreePBX—a sneaky auth-bypass leading to remote chaos! Time to patch those vulnerabilities before your PBX turns into a PB-EX! 😂 #Cybersecurity #FreePBX #CVE2025 https://t.co/ndw1rc16yV
@windowsforum
29 Aug 2025
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2025-57819 #Sangoma #FreePBX Authentication Bypass Vulnerability https://t.co/PusRXUbihm
@ScyScan
29 Aug 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical zero-day CVE-2025-57819 targets FreePBX versions 15-17, enabling unauthorized access and remote code execution. Exploits active since Aug 21, 2025, through poor access controls. #VoIPSecurity #RemoteExploit #USA https://t.co/qqP201XGa5
@TweetThreatNews
29 Aug 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively Exploited Zero-Day in FreePBX CVE-2025-57819 (CVSS 10.0) allows unauthenticated attackers to gain admin access and execute remote code on exposed systems. Impacts versions < 15.0.66, 16.0.89, 17.0.3. Patch now available. Update immediately. #CyberSecurity #ZeroDay
@CloneSystemsInc
29 Aug 2025
54 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 Vulnerabilidad crítica en FreePBX FreePBX es una plataforma de centralita privada (PBX) de código abierto utilizada por empresas para gestionar las comunicaciones de voz. Está basada en Asterisk ⚠️ CVE-2025-57819 https://t.co/TXXZa3yxEL https://t.co/xMdfE4jAaq
@elhackernet
29 Aug 2025
4032 Impressions
17 Retweets
54 Likes
18 Bookmarks
0 Replies
0 Quotes
csirt_it: ‼️#Exploited #FreePBX: rilevato lo sfruttamento attivo della vulnerabilità 0-day CVE-2025-57819, di tipo #RCE Rischio: 🔴 Tipologia 🔸 Remote Code Execution 🔗https://t.co/pQubveMmoc 🔄 Aggiornamenti disponibili 🔄 https://t.co/vnlfMHfYeU
@Vulcanux_
29 Aug 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
‼️#Exploited #FreePBX: rilevato lo sfruttamento attivo della vulnerabilità 0-day CVE-2025-57819, di tipo #RCE Rischio: 🔴 Tipologia 🔸 Remote Code Execution 🔗https://t.co/CmkwGjcwv4 🔄 Aggiornamenti disponibili 🔄 https://t.co/jFs1Y1nu42
@csirt_it
29 Aug 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨🚨CVE-2025-57819 (CVSS: 10) hits FreePBX hard! Unauthenticated attackers can bypass security, unleash SQL injection, and execute remote code to fully control systems. Search by vul.cve Filter👉vul.cve="CVE-2025-57819" ZoomEye Dork👉app="FreePBX" Over 85.9k vulnerable
@zoomeye_team
29 Aug 2025
1215 Impressions
4 Retweets
21 Likes
6 Bookmarks
0 Replies
0 Quotes
🚨 Critical FreePBX Vulnerability (CVE-2025-57819) Exploited in the Wild - A CVSSv4 10.0 vulnerability in Sangoma FreePBX (versions 15, 16, 17) allows unauthenticated attackers to bypass login protections, manipulate databases, and achieve remote code execution (RCE). - ht
@Ransom_DB
29 Aug 2025
228 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
📢 Check out our latest blog post: Zero-day CVE-2025-57819 is under active attack—learn how to patch FreePBX now and prevent remote code execution before hackers strike. Read it here → https://t.co/5mRg48zy4k Let us know your thoughts!
@PurpleOps_io
29 Aug 2025
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-57819: Auth Bypass in FreePBX Administrator, 10.0 rating 🔥🔥🔥 A critical 0-day vuln in FreePBX could allow an attacker to perform SQLi and RCE. Exploitation has already been observed in the wild! Search at https://t.co/hv7QKSqxTR: 👉 Link: https://t.co/tYMjnm
@Netlas_io
29 Aug 2025
681 Impressions
3 Retweets
9 Likes
2 Bookmarks
1 Reply
0 Quotes
🚨Patch now‼️ Sangoma FreePBX Security Team has released a patch for a 0-day vulnerability (CVE-2025-57819) affecting publicly exposed FreePBX Administrator Control Panels. Vulnerability has been exploited since August 21. More info: https://t.co/LDaNIThym5 https://t.co
@H4ckmanac
29 Aug 2025
3923 Impressions
11 Retweets
12 Likes
3 Bookmarks
0 Replies
0 Quotes
🚨 CRITICAL: FreePBX security-reporting SQL injection (CVE-2025-57819) allows unauthenticated RCE & DB manipulation. Patch now if running <15.0.66, <16.0.89, <17.0.3! 🔒 https://t.co/uFqMkdfb70 #OffSeq #FreePBX ... https://t.co/yexyOFvOgY
@offseq
29 Aug 2025
73 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-57819 FreePBX is an open-source web-based graphical user interface. FreePBX 15, 16, and 17 endpoints are vulnerable due to insufficiently sanitized user-supplied data allow… https://t.co/TbrQFBFcSD
@CVEnew
28 Aug 2025
30 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-57819: CRITICAL] FreePBX 15, 16, and 17 endpoints contain critical vulnerabilities allowing unauthenticated access to the administrator, leading to arbitrary database manipulation and remote code e...#cve,CVE-2025-57819,#cybersecurity https://t.co/XKMWQHlJbO https://t.c
@CveFindCom
28 Aug 2025
84 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sangoma:freepbx:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F9143871-4B1B-4E24-BEC2-BFD90A93D22E",
"versionEndExcluding": "15.0.66",
"versionStartIncluding": "15.0"
},
{
"criteria": "cpe:2.3:a:sangoma:freepbx:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CA0527BD-AE80-4126-A72A-008EEC486381",
"versionEndExcluding": "16.0.89",
"versionStartIncluding": "16.0"
},
{
"criteria": "cpe:2.3:a:sangoma:freepbx:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "89857E91-C727-4043-8BCE-A2A089D6F720",
"versionEndExcluding": "17.0.3",
"versionStartIncluding": "17.0"
}
],
"operator": "OR"
}
]
}
]