FreePBX has addressed critical vulnerabilities enabling authentication bypass and remote code execution in its Endpoint Manager module. Discovered by Horizon3.ai researchers, these flaws affect telephony endpoint configurations in the open-source IP PBX system. Researchers identified three high-severity issues distinct from the earlier CVE-2025-57819, which was added to CISA’s Known Exploited Vulnerabilities catalog. CVE-2025-66039 allows authentication […]
The post FreePBX Vulnerabilities Enables Authentication Bypass that Leads Remote Code Execution appeared first on Cyber Security News.
This article has been indexed from Cyber Security News
Read the original article: