CVE-2025-66039
Last modified
CVE-2025-66039 is a critical-severity vulnerability rated 9.3/10 on the CVSS scale. FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions are vulnerable to authentication bypass when the authentication type is set to "webserver." When providing an Authorization header with an arbitrary value, a session is associated with the target user regardless of valid credentials. EPSS estimates a 2.98% chance of exploitation in the next 30 days.
Description
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions are vulnerable to authentication bypass when the authentication type is set to "webserver." When providing an Authorization header with an arbitrary value, a session is associated with the target user regardless of valid credentials. This issue is fixed in versions 16.0.44 and 17.0.23.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Sangoma | Freepbx | < 16.0.44 |
| Sangoma | Freepbx | >= 17.0.1, < 17.0.23 |
References
- https://github.com/FreePBX/security-reporting/security/advisories/GHSA-9jvh-mv6x-w698Mitigation, Vendor Advisory
- https://www.freepbx.org/watch-what-we-do-with-security-fixes-%f0%9f%91%80Not Applicable, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2025-66039?
How severe is CVE-2025-66039?
How do I fix CVE-2025-66039?
Are you affected by CVE-2025-66039?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST