CVE-2025-64328 · HIGH 7.2 · CISA KEV · EPSS p99.7%
CVE-2025-64328: Sangoma FreePBX OS Command Injection Vulnerability
Sangoma / FreePBX
Description
Sangoma FreePBX Endpoint Manager contains an OS command injection vulnerability that could allow post-authentication command injection by an authenticated, known user via the testconnection -> check_ssh_connect() function. An attacker can leverage this vulnerability to potentially obtain remote access to the system as the asterisk user.
Scoring
| Field | Value |
|---|---|
| CVSS 3.1 | 7.2 (HIGH) |
| Vector | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| EPSS | 84.05% probability of exploitation · percentile 99.7% · scored 2026-06-18T12:00:27Z |
| Published | 2025-11-07 |
| Last modified | 2026-02-24 |
CISA KEV entry
Added to KEV: 2026-02-03
Underlying weaknesses (1)
References
- https://github.com/FreePBX/filestore/blob/f0e3983059271efd80b483ec823310ef19a59013/drivers/SSH/testconnection.php#L2
- https://github.com/FreePBX/security-reporting/security/advisories/GHSA-vm9p-46mv-5xvw
- https://www.freepbx.org/watch-what-we-do-with-security-fixes-%f0%9f%91%80
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-64328
- https://www.fortinet.com/blog/threat-research/unveiling-the-weaponized-web-shell-encystphp
| Type | Target | Confidence | Tier |
|---|---|---|---|
| Weakness | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78) | 0% | live |
Incoming (1)
| Type | Target | Confidence | Tier |
|---|---|---|---|
| KEVEntry | Sangoma FreePBX OS Command Injection Vulnerability (kev-cve-2025-64328) | 0% | live |