FreePBX Security Update Advisory (CVE-2025-57819)

Sep 01 2025

Overview

We have released a security update to address a vulnerability in FreePBX. Users of affected products are advised to update to the latest version.

Affected Products

CVE-2025-57819

FreePBX 15 Versions: 15.0.66 and earlier
FreePBX 16 Versions: 16.0.89 and earlier
FreePBX 17 Version: 17.0.3 and earlier

Resolved Vulnerabilities

Authentication bypass vulnerability in the endpoint module of FreePBX (CVE-2025-57819)

Vulnerability Patches

Vulnerability Patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2025-57819

FreePBX 15 Version: 15.0.66
FreePBX 16 Version: 16.0.89
FreePBX 17 Version: 17.0.3

References

[1] Authentication Bypass Leading to SQL Injection and RCE
https://github.com/FreePBX/security-reporting/security/advisories/GHSA-m42g-xg4c-5f3h

FreePBX Security Update Advisory (CVE-2025-57819)

Citrix Product Security Update Advisory

Microsoft Edge browser (139.0.3405.125) version security update advisory

Tags:

Citrix Product Security Update Advisory

Microsoft Edge browser (139.0.3405.125) version security update advisory