CVE-2025-64328 - FreePBX Administration GUI is Vulnerable to Au...

{ "Source": "CVE FEED", "Title": "CVE-2025-64328 - FreePBX Administration GUI is Vulnerable to Authenticated Command Injection", "Content": "CVE ID : CVE-2025-64328 Published : Nov. 7, 2025, 4:15 a.m. | 34 minutes ago Description : FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. In versions 17.0.2.36 and above before 17.0.3, the filestore module within the Administrative interface is vulnerable to a post-authentication command injection by an authenticated known user via the testconnection -> check_ssh_connect() function. An attacker can leverage this vulnerability to obtain remote access to the system as an asterisk user. This issue is fixed in version 17.0.3. Severity: 8.6 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...", "Detection Date": "07 Nov 2025", "Type": "Vulnerability"}🔹 t.me/cvedetector 🔹