PT-2025-42185 · Unknown · FreePBX Endpoint Manager
Published: 2025-10-14 · Updated: 2026-01-31 · CVE-2025-61675
CVSS v4.0: 8.6 (High)
Vector: AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Name of the Vulnerable Software and Affected Versions
FreePBX Endpoint Manager versions prior to 16.0.92
FreePBX Endpoint Manager versions prior to 17.0.6
Description
The FreePBX Endpoint Manager module contains authenticated SQL injection vulnerabilities affecting multiple parameters in the basestation, model, firmware, and custom extension configuration functionality. Authentication with a known username is required to exploit these vulnerabilities. Successful exploitation allows an authenticated user to execute arbitrary SQL queries against the database, potentially enabling access to sensitive data or modification of database contents. The issue affects multiple parameters across four API endpoints. The vulnerabilities could be chained with authentication bypass flaws for unauthenticated exploitation. This issue is related to SQL injection, file upload flaws, and an AUTHTYPE bypass, which together could lead to Remote Code Execution (RCE) and authentication bypass.
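The weakness class behind this advisory is user-controlled input spliced into SQL text. The following PHP snippet is an added illustration written for this page; it is not FreePBX Endpoint Manager code and does not reproduce the affected parameters. The table and column names (epm_models, brand_id, model_name) and the function names are hypothetical. It shows the concatenation pattern beside its prepared-statement replacement, and the allow-list check needed for the one thing a bound parameter cannot carry, an SQL identifier.

```php
<?php
// Added illustration, not FreePBX Endpoint Manager code. Table and column
// names (epm_models, brand_id, model_name) are hypothetical.

// Weak pattern: the request parameter is spliced directly into the SQL text,
// so whoever controls $brand also controls the structure of the statement.
function findModelsUnsafe(PDO $db, string $brand): array
{
    $sql = "SELECT id, model_name FROM epm_models WHERE brand_id = '" . $brand . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened pattern: the statement text is fixed at prepare time; the value is
// sent as a bound parameter and can never alter the query's structure.
function findModelsSafe(PDO $db, string $brand): array
{
    $stmt = $db->prepare('SELECT id, model_name FROM epm_models WHERE brand_id = :brand');
    $stmt->execute([':brand' => $brand]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Identifiers (a column to sort by, a table name) cannot be bound as parameters.
// The only safe handling is to match the request value against a fixed
// allow-list and reject anything else before it reaches the SQL text.
function findModelsSorted(PDO $db, string $brand, string $sortColumn): array
{
    $allowed = ['id', 'model_name'];
    if (!in_array($sortColumn, $allowed, true)) {
        throw new InvalidArgumentException('unsupported sort column');
    }
    $stmt = $db->prepare("SELECT id, model_name FROM epm_models WHERE brand_id = :brand ORDER BY $sortColumn");
    $stmt->execute([':brand' => $brand]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Demonstration against an in-memory SQLite database with constructed sample rows.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE epm_models (id INTEGER PRIMARY KEY, brand_id TEXT, model_name TEXT)');
$db->exec("INSERT INTO epm_models (brand_id, model_name) VALUES ('acme', 'A100'), ('acme', 'A200'), ('other', 'X1')");

// Normal input: both functions return the same two rows.
echo count(findModelsSafe($db, 'acme')), " rows for 'acme' (safe)\n";

// A value that merely contains an apostrophe already breaks the concatenated
// statement; a crafted value could rewrite it. The bound version treats the
// apostrophe as data and simply matches no rows.
$awkward = "o'brien";
try {
    findModelsUnsafe($db, $awkward);
    echo "unsafe query unexpectedly succeeded\n";
} catch (PDOException $e) {
    echo "unsafe query failed: malformed SQL built from input\n";
}
echo count(findModelsSafe($db, $awkward)), " rows for the same input (safe)\n";

// The identifier allow-list rejects anything outside the known column set.
try {
    findModelsSorted($db, 'acme', 'model_name; DROP TABLE epm_models');
} catch (InvalidArgumentException $e) {
    echo "sort column rejected: ", $e->getMessage(), "\n";
}
```

Running this with the sqlite PDO driver prints two rows for the safe lookup, a failure for the concatenated query on the apostrophe input, zero rows for the bound query on the same input, and the rejection message for the unsupported sort column. When reviewing a patch for this class of bug, the check is the same as in the snippet: every request value must reach the database through a placeholder, and every identifier must be resolved through an allow-list.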
Recommendations
Update to FreePBX Endpoint Manager version 16.0.92.
Update to FreePBX Endpoint Manager version 17.0.6.
Fix
SQL injection
Affected Products
FreePBX Endpoint Manager