Freepbx Framework
4 CVEs affecting Freepbx Framework. Latest disclosed: 2025-12-16. Critical: 1, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-66039 | Critical | 9.8 | 2025-12-09 | FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions are vulnerable to authentication bypass when the authenticat… |
CVE-2025-55211 | High | 8.8 | 2025-09-15 | FreePBX is an open-source web-based graphical user interface. From 17.0.19.11 to before 17.0.21, authenticated users of the Administrator Control Panel (ACP) c… |
CVE-2025-67722 | High | 7.8 | 2025-12-16 | FreePBX is an open-source web-based graphical user interface (GUI) that manages Asterisk. Prior to versions 16.0.45 and 17.0.24 of the FreePBX framework, an au… |
CVE-2025-59056 | High | 7.5 | 2025-09-15 | FreePBX is an open-source web-based graphical user interface. In FreePBX 15, 16, and 17, malicious connections to the Administrator Control Panel web interface… |