CVE-2025-66039

Published Dec 9, 2025

Last updated 17 days ago

CVSS critical 9.3
FreePBX Endpoint Manager

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-66039 is an authentication bypass vulnerability affecting the FreePBX Endpoint Manager module when the authentication type is set to "webserver". By providing an arbitrary Authorization header, an attacker can create a session associated with a target user without needing valid credentials. This vulnerability allows an unauthenticated attacker to potentially gain unauthorized access to FreePBX Endpoint Manager systems. The issue is fixed in FreePBX Endpoint Manager versions 16.0.44 and 17.0.23.

Description
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Affected versions are vulnerable to an authentication bypass when the authentication type is set to "webserver": when an Authorization header with an arbitrary value is supplied, a session is associated with the target user regardless of whether valid credentials were presented. This issue is fixed in versions 16.0.44 and 17.0.23.

Source: security-advisories@github.com
NVD status: Awaiting Analysis

Risk scores

CVSS 4.0

Type: Secondary
Base score: 9.3
Impact score: -
Exploitability score: -
Vector string: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity: CRITICAL

Weaknesses

Source: security-advisories@github.com
CWE-287 (Improper Authentication)

Social media

Hype score: Not currently trending

  1. ⚠️⚠️ Multiple new vulnerabilities discovered in #FreePBX by @Horizon3ai. Combining Auth Bypass (CVE-2025-66039) with SQL Injection (CVE-2025-61675) can lead to unauthenticated Remote Code Execution. 🔥Deep Dive: https://t.co/bbgNURHfma 🔗FOFA Link: https://t.co/XhTGOj

    @fofabot, 17 Dec 2025: 1213 impressions, 5 retweets, 16 likes, 2 bookmarks, 1 reply, 0 quotes

  2. FreePBX Flaw Allows Unauthenticated Login Bypass & Full VoIP System Takeover CVE-2025-57819, CVE-2025-66039. Read the full report on - https://t.co/PVI3VkYGKU https://t.co/y5AN3oTnWF

    @Iambivash007, 16 Dec 2025: 4 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes

  3. FreePBX Flaws Enable Remote Code Execution—Patch Now. Critical FreePBX flaws (CVE-2025-66039) include SQLi and auth bypass, risking remote code execution. Users must update to patched versions and avoid "webserver" auth type to prevent exploitation and ensure security. Immediat

    @Secwiserapp, 16 Dec 2025: 50 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes

  4. 🚨 New Security Research Disclosure 🚨 I’ve published a repository documenting multiple critical vulnerabilities in FreePBX (2025), including: 🔹 CVE-2025-66039 🔹 CVE-2025-61678 🔹 CVE-2025-61675 🔗 GitHub: https://t.co/Uknsy9ESK8 #InfoSec #cyberleelawat #CVE #Free

    @cyberleelawat, 16 Dec 2025: 5 impressions, 0 retweets, 1 like, 0 bookmarks, 0 replies, 0 quotes

  5. 🚨Alert🚨 CVE-2025-61675 & CVE-2025-61678 & CVE-2025-66039: Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws in FreePBX could Lead to RCE. -------------------- CVE-2025-61675: An authenticated SQL injection vulnerability CVE-2025-61678: An authenticated arbitrary fil

    @HunterMapping, 16 Dec 2025: 5942 impressions, 17 retweets, 89 likes, 29 bookmarks, 0 replies, 1 quote

  6. 🚨🚨 Three Critical Vulnerabilities In FreePBX CVE-2025-61675: Authenticated SQL Injection - Affects endpoint module CVE-2025-61678: Authenticated Arbitrary File Upload - Affects endpoint module CVE-2025-66039: Authentication Bypass - Affects framework module ZoomEye Dork

    @zoomeye_team, 16 Dec 2025: 2283 impressions, 11 retweets, 31 likes, 10 bookmarks, 1 reply, 0 quotes

  7. 🚨 3 critical/high FreePBX vulnerabilities disclosed CVE-2025-66039: Authentication bypass CVE-2025-61675: SQL injection CVE-2025-61678: File upload leading to RCE I've created detection scripts for these vulns: https://t.co/2dmklJha55 @Horizon3ai - https://t.co/nQOPyb6K4F

    @rxerium, 15 Dec 2025: 20013 impressions, 71 retweets, 459 likes, 288 bookmarks, 7 replies, 0 quotes

  8. The FreePBX Rabbit Hole: CVE-2025-66039 And Others https://t.co/stAfpHfZVf #news

    @packet_storm, 15 Dec 2025: 35 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes

  9. While analyzing CVE-2025-57819 – the RCE vuln that went KEV from late August, @Horizon3Attack uncovered three new #FreePBX vulnerabilities: CVE-2025-66039, 61675, and 61678. Under the webserver authentication type, they chain into full RCE. 🧵 https://t.co/85AmKySE52

    @Horizon3ai, 15 Dec 2025: 298 impressions, 2 retweets, 6 likes, 0 bookmarks, 2 replies, 0 quotes

  10. The FreePBX Rabbit Hole: CVE-2025-66039 & More https://t.co/Dp2cacB6GG https://t.co/LqddkaI6gq

    @secharvesterx, 12 Dec 2025: 31 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes

  11. Check out our new deep dive on CVE-2025-66039 and other related CVEs. We found an authentication bypass, multiple SQL injections, and file upload to RCE in FreePBX. https://t.co/TuYCn7bHR3

    @Horizon3Attack, 12 Dec 2025: 11246 impressions, 35 retweets, 136 likes, 64 bookmarks, 2 replies, 0 quotes