National Cyber Warfare Foundation (NCWF)

FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE
0 user ratings		2025-12-15 14:55:03
milo
Blue Team (CND)
Multiple security vulnerabilities have been disclosed in the open-source private branch exchange (PBX) platform FreePBX, including a critical flaw that could result in an authentication bypass under certain configurations.
The shortcomings, discovered by Horizon3.ai and reported to the project maintainers on September 15, 2025, are listed below -

CVE-2025-61675 (CVSS score: 8.6) - Numerous



Source: TheHackerNews
Source Link: https://thehackernews.com/2025/12/freepbx-authentication-bypass-exposed.html

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
Blue Team (CND)


Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.