Sangoma FreePBX contains an authentication bypass vulnerability: insufficiently sanitized user-supplied data allows unauthenticated access to FreePBX Administrator, leading to arbitrary database manipulation and remote code execution.
PoC: lab-cve-2025-57819
FreePBX CVE-2025-57819 lab (Docker) + Nuclei POC for unauth SQLi (time-based).
PoC: FreePBX-SQLi-RCE
CVE-2025-57819 FreePBX SQLi RCE PoC
PoC: CVE-2025-57819-FreePBX-RCE2Root
CVE-2025-57819 Unauthenticated RCE
PoC: FreePBX-CVE-2025-57819-CVE-2025-61678
Chains CVE-2025-57819 (stacked query SQL injection) and CVE-2025-61678 (authenticated file upload in FreePBX Endpoint Manager) to achieve Remote Code Execution (RCE). For educational use only.
PoC: FreePBX-CVE-2025-57819
Unauthenticated SQL Injection to Remote Code Execution in FreePBX — CVE-2025-57819
PoC: freepbx-endpoint-sqli-rce
Unauthenticated SQL injection in FreePBX Endpoint Manager (CVE-2025-57819) that injects a cron-scheduled PHP webshell for remote code execution.
PoC: CVE-2025-57819-exploit
FreePBX Pre-Auth SQLi to RCE (CVE-2025-57819) — All-in-One Exploit
PoC: CVE-2025-57819-poc
CVE-2025-57819 poc
PoC: CVE-2025-57819_FreePBX-PoC
🔍 Detect SQL injection risks in FreePBX's admin interface safely and efficiently, providing actionable insights and clean JSON reports for security teams.
PoC: CVE-2025-57819_FreePBX
This repository includes two PoC scripts for CVE-2025-57819 in FreePBX: one to create a new admin user (poc_admin.py), and another to extract credentials using sqlmap (poc_auto_get_username_pass.py). For educational and authorized use only.
PoC: CVE-2025-57819_FreePBX-PoC
Safe, read-only SQL Injection checker for FreePBX (CVE-2025-57819), using error/boolean/time-based techniques with per-parameter verdicts and JSON reporting.
PoC: SQL-Injection-and-RCE_CVE-2025-57819
FreePBX versions 15, 16, and 17 contain a Remote Code Execution (RCE) vulnerability caused by insufficient sanitization of user-supplied data in endpoints.
PoC: Blackash-CVE-2025-57819
CVE-2025-57819
PoC: CVE-2025-57819
A write up of CVE-2025-57819, a vulnerability affecting FreePBX 15, 16, and 17
PoC: CVE-2025-57819
FreePBX SQL Injection Exploit
PoC: cve-2025-57819
Detects vulnerable FreePBX versions affected by CVE-2025-57819.
PoC: CVE-2025-57819-ioc-check
This repository contains a script to check for current IOCs listed in the FreePBX forum topic for CVE-2025-57819
PoC: CVE-2025-57819
Detection for CVE-2025-57819