FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws
Summary
Multiple critical vulnerabilities in FreePBX, including SQL injection, arbitrary file upload, and authentication bypass flaws, have been patched. These flaws could lead to remote code execution (RCE) under certain configurations. The vulnerabilities were discovered by Horizon3.ai and reported to the project maintainers on September 15, 2025. Patches were released in October and December 2025.
Timeline
- 15.12.2025 16:32 (1 article): FreePBX Patches Critical Vulnerabilities Enabling RCE
  Source: FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE — thehackernews.com — 15.12.2025 16:32
Information Snippets
- CVE-2025-61675 (CVSS score: 8.6) affects multiple endpoints and parameters, enabling read and write access to the underlying SQL database.
  First reported: 15.12.2025 16:32 (1 source, 1 article): FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE — thehackernews.com
- CVE-2025-61678 (CVSS score: 8.6) allows authenticated arbitrary file uploads, potentially leading to RCE.
- CVE-2025-66039 (CVSS score: 9.3) is an authentication bypass vulnerability when the 'Authorization Type' is set to 'webserver'.
- FreePBX is not vulnerable to the authentication bypass flaw in its default configuration.
- Patches for CVE-2025-61675 and CVE-2025-61678 were released on October 14, 2025, in versions 16.0.92 and 17.0.6.
- The patch for CVE-2025-66039 was released on December 9, 2025, in versions 16.0.44 and 17.0.23.
- Temporary mitigations include setting 'Authorization Type' to 'usermanager' and disabling 'Override Readonly Settings'.