← Volver a CVEs
CVE-2025-64328
HIGHCISA KEV7.2
Descripcion
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. In versions 17.0.2.36 and above before 17.0.3, the filestore module within the Administrative interface is vulnerable to a post-authentication command injection by an authenticated known user via the testconnection -> check_ssh_connect() function. An attacker can leverage this vulnerability to obtain remote access to the system as an asterisk user. This issue is fixed in version 17.0.3.
Detalles CVE
Puntuacion CVSS v3.17.2
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosHIGH
Interaccion usuarioNONE
Publicado11/7/2025
Ultima modificacion2/24/2026
Fuentekev
Avistamientos honeypot0
CISA KEV
VendedorSangoma
ProductoFreePBX
Nombre vulnerabilidadSangoma FreePBX OS Command Injection Vulnerability
Fecha inclusion KEV2026-02-03
Fecha limite remediacion2026-02-24
Uso en ransomwareUnknown
Productos afectados
sangoma:firestore
Debilidades (CWE)
CWE-78
Referencias
https://github.com/FreePBX/filestore/blob/f0e3983059271efd80b483ec823310ef19a59013/drivers/SSH/testconnection.php#L2(security-advisories@github.com)
https://github.com/FreePBX/security-reporting/security/advisories/GHSA-vm9p-46mv-5xvw(security-advisories@github.com)
https://www.freepbx.org/watch-what-we-do-with-security-fixes-%f0%9f%91%80(security-advisories@github.com)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-64328(134c704f-9b21-4f2e-91b3-4a467353bcc0)
https://www.fortinet.com/blog/threat-research/unveiling-the-weaponized-web-shell-encystphp(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.