Critical FreePBX Vulnerability (CVE-2025-57819) Under Active Exploitation

by CIRT Team

A critical flaw (CVE-2025-57819) in FreePBX versions 15, 16, and 17 enables unauthenticated attackers to perform SQL injection and remote code execution (RCE), with 25 vulnerable IP addresses found in Bangladesh. Immediate patching, system updates, and access restrictions are crucial to prevent exploitation.

Download the full PDF Document

CIRT Team

Recommended Posts

Phishing Champaign on Cyber Space of Bangladesh

06 Aug 2025 - Security Advisories & Alerts

Situational Alert for CII, Energy Sectors, Banks

25 Jul 2025 - Security Advisories & Alerts

Situational Awareness for Eid-ul-Adha Holidays

04 Jun 2025 - Security Advisories & Alerts