CVE-2025-57819— FreePBX Affected by Authentication Bypass Leading to SQL Injection and RCE
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-57819
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
FreePBX Affected by Authentication Bypass Leading to SQL Injection and RCE
Source: NVD (National Vulnerability Database)
Vulnerability Description
FreePBX is an open-source web-based graphical user interface. FreePBX 15, 16, and 17 endpoints are vulnerable due to insufficiently sanitized user-supplied data allowing unauthenticated access to FreePBX Administrator leading to arbitrary database manipulation and remote code execution. This issue has been patched in endpoint versions 15.0.66, 16.0.89, and 17.0.3.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Source: NVD (National Vulnerability Database)
Vulnerability Title
FreePBX 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
FreePBX(前称Asterisk Management Portal)是FreePBX项目的一套通过GUI(基于网页的图形化接口)配置Asterisk(IP电话系统)的工具。 FreePBX 15.0.66版本和17.0.3之前版本存在安全漏洞,该漏洞源于用户数据清理不足,可能导致未经验证访问管理员界面及远程代码执行。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
II. Public POCs for CVE-2025-57819
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | Detection for CVE-2025-57819 | https://github.com/rxerium/CVE-2025-57819 | POC Details |
| 2 | This is repository contains a script to check for current IOCs listed in the freepbx forum topic of the CVE-2025-57819 | https://github.com/Sucuri-Labs/CVE-2025-57819-ioc-check | POC Details |
| 3 | FreePBX SQL Injection Exploit | https://github.com/blueisbeautiful/CVE-2025-57819 | POC Details |
| 4 | A write up of CVE-2025-57819, a vulnerability affecting FreePBX 15, 16, and 17 | https://github.com/net-hex/CVE-2025-57819 | POC Details |
| 5 | FreePBX CVE-2025-57819 lab (Docker) + Nuclei POC for unauth SQLi (time-based). | https://github.com/ImBIOS/lab-cve-2025-57819 | POC Details |
| 6 | CVE-2025-57819 | https://github.com/B1ack4sh/Blackash-CVE-2025-57819 | POC Details |
| 7 | FreePBX backdoor cleanup script used in 0-day exploitation of CVE-2025-57819 was detected. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/backdoor/freepbx-cleanup-backdoor.yaml | POC Details |
| 8 | None | https://github.com/watchtowrlabs/watchTowr-vs-FreePBX-CVE-2025-57819 | POC Details |
| 9 | FreePBX 15, 16, and 17 contain a remote code execution caused by insufficiently sanitized user-supplied data in endpoints, letting unauthenticated attackers manipulate the database and execute code remotely, exploit requires no authentication. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-57819.yaml | POC Details |
| 10 | FreePBX SQL Injection Exploit | https://github.com/brokendreamsclub/CVE-2025-57819 | POC Details |
| 11 | FreePBX versions 15, 16, and 17 contain a Remote Code Execution (RCE) vulnerability caused by insufficient sanitization of user-supplied data in endpoints. | https://github.com/MuhammadWaseem29/SQL-Injection-and-RCE_CVE-2025-57819 | POC Details |
| 12 | Safe, read-only SQL Injection checker for FreePBX (CVE-2025-57819), using error/boolean/time-based techniques with per-parameter verdicts and JSON reporting. | https://github.com/xV4nd3Rx/CVE-2025-57819_FreePBX-PoC | POC Details |
| 13 | This repository includes two PoC scripts for CVE-2025-57819 in FreePBX: one to create a new admin user (poc_admin.py), and another to extract credentials using sqlmap (poc_auto_get_username_pass.py). For educational and authorized use only. | https://github.com/orange0Mint/CVE-2025-57819_FreePBX | POC Details |
| 14 | 🔍 Detect SQL injection risks in FreePBX's admin interface safely and efficiently, providing actionable insights and clean JSON reports for security teams. | https://github.com/JakovBis/CVE-2025-57819_FreePBX-PoC | POC Details |
| 15 | CVE-2025-57819 | https://github.com/Ashwesker/Blackash-CVE-2025-57819 | POC Details |
| 16 | Detects vulnerable FreePBX versions affected by CVE-2025-57819. | https://github.com/cybertechajju/cve-2025-57819 | POC Details |
| 17 | CVE-2025-57819 | https://github.com/Ashwesker/Ashwesker-CVE-2025-57819 | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-57819
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same product: endpoint
Same vendor: FreePBX
- CVE-2026-40520
FreePBX api module Command Injection via GraphQL - CVE-2026-28287
FreePBX: Authenticated Remote Code Execution via Recordings - CVE-2026-28284
FreePBX: Authenticated SQL Injection Vulnerabilities in Free - CVE-2026-28210
FreePBX: Authenticated SQL Injection in CDR (Call Data Recor - CVE-2026-28209
FreePBX: Command Injection leading to Remote Code Execution
Same weakness: CWE-89
- CVE-2021-47941
WordPress Plugin Survey & Poll 1.5.7.3 SQL Injection via sss - CVE-2021-47930
Balbooa Joomla Forms Builder 2.0.6 SQL Injection Unauthentic - CVE-2021-47928
Opencart TMD Vendor System 3.x Blind SQL Injection via produ - CVE-2026-8231
CodeAstro Online Catering Ordering System deleteorder.php sq - CVE-2025-14179
SQL injection in pdo_firebird via NUL bytes in quoted string
V. Comments for CVE-2025-57819
No comments yet