CVE-2025-66039

CVE Database · CVE-2025-66039

CVE-2025-66039

· CRITICALAnalyzed

CVSS v3.1

9.8

CVSS v4.0

9.3

EPSS

2.98%

Published

Dec 9, 2025

Modified

Feb 2, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions are vulnerable to authentication bypass when the authentication type is set to "webserver." When providing an Authorization header with an arbitrary value, a session is associated with the target user regardless of valid credentials. This issue is fixed in versions 16.0.44 and 17.0.23.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-287

Affected Products (2)

sangoma · freepbx (up to 16.0.44)vulnerable

sangoma · freepbx (up to 17.0.23)vulnerable

References (3)

https://github.com/FreePBX/framework/commit/04224253156543cd9932b90458660b2f19fc0e35#diff-72f14a52840a61504a8e03cd195035b44e488aecd634b001bc6412a04bdc940bR20-R50

Product

https://github.com/FreePBX/security-reporting/security/advisories/GHSA-9jvh-mv6x-w698

MitigationVendor Advisory

https://www.freepbx.org/watch-what-we-do-with-security-fixes-%f0%9f%91%80

Not ApplicableVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs