CVE-2025-57819 · CISA KEV: Actively Exploited

Sangoma FreePBX Authentication Bypass Vulnerability

Published Aug 29, 2025 · Updated Aug 29, 2025

Description

Sangoma FreePBX contains an authentication bypass vulnerability: insufficiently sanitized user-supplied data allows unauthenticated access to FreePBX Administrator, leading to arbitrary database manipulation and remote code execution.

Public Exploits & PoCs (18 found)

PoC: lab-cve-2025-57819

FreePBX CVE-2025-57819 lab (Docker) + Nuclei POC for unauth SQLi (time-based).

PoC: FreePBX-SQLi-RCE

CVE-2025-57819 FreePBX SQLi RCE PoC

PoC: CVE-2025-57819-FreePBX-RCE2Root

CVE-2025-57819 Unauthenticated RCE

PoC: FreePBX-CVE-2025-57819-CVE-2025-61678

Chains CVE-2025-57819 (stacked query SQL injection) and CVE-2025-61678 (authenticated file upload in FreePBX Endpoint Manager) to achieve Remote Code Execution (RCE). For educational use only.

PoC: FreePBX-CVE-2025-57819

Unauthenticated SQL Injection to Remote Code Execution in FreePBX — CVE-2025-57819

PoC: freepbx-endpoint-sqli-rce

Unauthenticated SQL injection in FreePBX Endpoint Manager (CVE-2025-57819) that injects a cron-scheduled PHP webshell for remote code execution.

PoC: CVE-2025-57819-exploit

FreePBX Pre-Auth SQLi to RCE (CVE-2025-57819) — All-in-One Exploit

PoC: CVE-2025-57819-poc

CVE-2025-57819 poc

PoC: CVE-2025-57819_FreePBX-PoC

🔍 Detect SQL injection risks in FreePBX's admin interface safely and efficiently, providing actionable insights and clean JSON reports for security teams.

PoC: CVE-2025-57819_FreePBX

This repository includes two PoC scripts for CVE-2025-57819 in FreePBX: one to create a new admin user (poc_admin.py), and another to extract credentials using sqlmap (poc_auto_get_username_pass.py). For educational and authorized use only.

PoC: CVE-2025-57819_FreePBX-PoC

Safe, read-only SQL Injection checker for FreePBX (CVE-2025-57819), using error/boolean/time-based techniques with per-parameter verdicts and JSON reporting.

PoC: SQL-Injection-and-RCE_CVE-2025-57819

FreePBX versions 15, 16, and 17 contain a Remote Code Execution (RCE) vulnerability caused by insufficient sanitization of user-supplied data in endpoints.

PoC: Blackash-CVE-2025-57819

CVE-2025-57819

PoC: CVE-2025-57819

A write up of CVE-2025-57819, a vulnerability affecting FreePBX 15, 16, and 17

PoC: CVE-2025-57819

FreePBX SQL Injection Exploit

PoC: cve-2025-57819

Detects vulnerable FreePBX versions affected by CVE-2025-57819.

PoC: CVE-2025-57819-ioc-check

This repository contains a script to check for current IOCs listed in the FreePBX forum topic of CVE-2025-57819.

PoC: CVE-2025-57819

Detection for CVE-2025-57819
