6 matches found
FreePBX >= 17.0.2.36 && < 17.0.3 - Authenticated Command Injection
FreePBX Endpoint Manager 17.0.2.36 to = 17.0.2.36 && 17.0.3 - Authenticated Command Injection author: th3y severity: critical description: | FreePBX Endpoint Manager 17.0.2.36 to 17.0.3 contains a command injection caused by improper sanitization in filestore module's testconnection checksshconne...
Metasploit Wrap-Up 03/20/2026
♫ I Just Called ♫ To Say ♫ 7f45 4c46 0201 0100 0000 0000 0000 0000 0300 3e00 0100♫ This release contains 2 new exploit modules, 2 enhancements, and 7 bug fixes. Community contributor Chocapikk submitted both exploit modules this release: one targeting AVideo-Encoder’s getImage.php file and anothe...
FreePBX Filestore Module Exposure Scanner
This python script is a lightweight security scanner designed to detect installations of FreePBX and check basic indicators related to the vulnerability CVE-2025-64328...
900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks
The Shadowserver Foundation has revealed that over 900 Sangoma FreePBX instances still remain infected with web shells as part of attacks that exploited a command injection vulnerability starting in December 2025. Of these, 401 instances are located in the U.S., followed by 51 in Brazil, 43 in...
FreePBX 17.0.2.36 < 17.0.3 Command Injection (GHSA-vm9p-46mv-5xvw)
The version of FreePBX installed on the remote host is 17.0.2.36 or later but prior to 17.0.3. It is, therefore, affected by a command injection vulnerability: - The filestore module within the Administrative interface is vulnerable to a post-authentication command injection by an authenticated...
CVE-2025-64328
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. In versions 17.0.2.36 and above before 17.0.3, the filestore module within the Administrative interface is vulnerable to a post-authentication command injection by an authenticated known user via the...