← Zuruck zu CVEs

CVE-2025-64328

HIGHCISA KEV

7.2

Beschreibung

FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. In versions 17.0.2.36 and above before 17.0.3, the filestore module within the Administrative interface is vulnerable to a post-authentication command injection by an authenticated known user via the testconnection -> check_ssh_connect() function. An attacker can leverage this vulnerability to obtain remote access to the system as an asterisk user. This issue is fixed in version 17.0.3.

CVE Details

CVSS v3.1 Bewertung7.2

SchweregradHIGH

CVSS VektorCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AngriffsvektorNETWORK

KomplexitatLOW

Erforderliche PrivilegienHIGH

BenutzerinteraktionNONE

Veroffentlicht11/7/2025

Zuletzt geandert2/24/2026

Quellekev

Honeypot-Sichtungen0

CISA KEV

HerstellerSangoma

ProduktFreePBX

SchwachstellennameSangoma FreePBX OS Command Injection Vulnerability

KEV Aufnahmedatum2026-02-03

Behebungsfrist2026-02-24

Ransomware-NutzungUnknown

Betroffene Produkte

sangoma:firestore

Schwachen (CWE)

CWE-78

Referenzen

https://github.com/FreePBX/filestore/blob/f0e3983059271efd80b483ec823310ef19a59013/drivers/SSH/testconnection.php#L2(security-advisories@github.com)

https://github.com/FreePBX/security-reporting/security/advisories/GHSA-vm9p-46mv-5xvw(security-advisories@github.com)

https://www.freepbx.org/watch-what-we-do-with-security-fixes-%f0%9f%91%80(security-advisories@github.com)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-64328(134c704f-9b21-4f2e-91b3-4a467353bcc0)

https://www.fortinet.com/blog/threat-research/unveiling-the-weaponized-web-shell-encystphp(134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.