× EU ICT Risk Newsroom DORA News On the Horizon ΑΙ Cybersec Space Cyber Alerts GDPR News EU CERT Advisories ICT Governance ESA/NCAs Contact
Switch to Greek 🔍

FreePBX Patches Critical Security Flaws: SQLi, File-Upload, AUTHTYPE Bypass, RCE

Newsroom - 15 December 2025 - 16:32

Multiple security vulnerabilities have been disclosed in the open-source private branch exchange (PBX) platform FreePBX, including a critical flaw that could result in an authentication bypass under certain configurations. The shortcomings, discovered by Horizon3.ai and reported to the project maintainers on September 15, 2025, are listed below - CVE-2025-61675 (CVSS score: 8.6) - Numerous

FreePBX Patches Critical Security Flaws: SQLi, File-Upload, AUTHTYPE Bypass, RCE
Multiple security vulnerabilities have been disclosed in the open-source private branch exchange (PBX) platform FreePBX, including a critical flaw that could result in an authentication bypass under certain configurations. The shortcomings, discovered by Horizon3.ai and reported to the project maintainers on September 15, 2025, are listed below - CVE-2025-61675 (CVSS score: 8.6) - Numerous
FreePBX security vulnerabilities SQLi RCE

Subscribe for EU DORA and Banking ICT Risk news and insights