Vulnerability Description
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Affected versions are vulnerable to authentication bypass when the authentication type is set to "webserver": when a request carries an Authorization header with an arbitrary value, a session is associated with the target user regardless of whether the credentials are valid. This issue is fixed in versions 16.0.44 and 17.0.23.
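The pattern behind this class of bug, as an added example that is not FreePBX's own code: a "webserver" authentication type means the web server verifies the credentials, so the application must take the identity only from what the server established (REMOTE_USER in this WSGI-style model), never from the raw client-supplied Authorization header. All function names, the account store and the request samples are constructed for illustration.

```python
import base64
import hmac
from typing import Mapping, Optional

# Constructed sample: accounts the hypothetical application knows about.
KNOWN_USERS = {"admin", "helpdesk"}


def webserver_auth(headers: Mapping[str, str], credentials: Mapping[str, str]) -> dict:
    """Stand-in for the web server layer: checks HTTP Basic credentials
    against its own store and sets REMOTE_USER only on success. The raw
    header is passed through to the application either way."""
    environ = {}
    auth = headers.get("Authorization", "")
    if auth:
        environ["HTTP_AUTHORIZATION"] = auth
    if auth.startswith("Basic "):
        try:
            user, _, password = base64.b64decode(auth[6:], validate=True).decode().partition(":")
        except ValueError:  # covers binascii.Error and UnicodeDecodeError
            return environ
        if hmac.compare_digest(credentials.get(user, ""), password):
            environ["REMOTE_USER"] = user
    return environ


def resolve_user_vulnerable(environ: Mapping[str, str]) -> Optional[str]:
    """Weak pattern: the username is read out of the client-controlled
    Authorization header, so any value naming an existing account logs
    that account in without the application ever checking a password."""
    header = environ.get("HTTP_AUTHORIZATION", "")
    if not header.startswith("Basic "):
        return None
    try:
        decoded = base64.b64decode(header[6:], validate=True).decode()
    except ValueError:
        return None
    username = decoded.partition(":")[0]
    return username if username in KNOWN_USERS else None


def resolve_user_hardened(environ: Mapping[str, str]) -> Optional[str]:
    """Hardened pattern for a 'webserver' auth type: trust only the identity
    the web server set after verifying credentials; reject the request when
    REMOTE_USER is absent instead of falling back to the header."""
    username = environ.get("REMOTE_USER")
    if not username or username not in KNOWN_USERS:
        return None
    return username
```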
CVSS Score
9.8 (CRITICAL)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sangoma | FreePBX | < 16.0.44 |
References
- https://github.com/FreePBX/framework/commit/04224253156543cd9932b90458660b2f19fc (Product)
- https://github.com/FreePBX/security-reporting/security/advisories/GHSA-9jvh-mv6x (Mitigation, Vendor Advisory)
- https://www.freepbx.org/watch-what-we-do-with-security-fixes-%f0%9f%91%80 (Not Applicable, Vendor Advisory)
FAQ
What is CVE-2025-66039?
CVE-2025-66039 is a vulnerability with a CVSS score of 9.8 (CRITICAL). FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions are vulnerable to authentication bypass when the authentication type is set to "webserver." When prov...
How severe is CVE-2025-66039?
CVE-2025-66039 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2025-66039?
Check the references section above for vendor advisories and patch information. Affected products include: Sangoma FreePBX.