FreePBX >= 17.0.2.36 && < 17.0.3 - Authenticated Command Injection CVE-2025-64328
- Severity
- EPSS Score
- EPSS Percentile
- Vulnerability description
- Not available
- Risk description
- Not available
- Recommendation
- Not available
- References
- https://github.com/FreePBX/security-reporting/security/advisories/GHSA-vm9p-46mv-5xvwhttps://theyhack.me/CVE-2025-64328-FreePBX-Authenticated-Command-Injection/https://www.cisa.gov/news-events/alerts/2026/02/03/cisa-adds-four-known-exploited-vulnerabilities-catalog
- Codename
- Not available
- Detectable with
- Network Scanner
- Scan engine
- Nuclei
- Cisa Kev
Yes- Exploitable with Sniper
- No
- CVE Published
- Nov 7, 2025
- Detection added at
- Software Type
- Not available
- Vendor
- Not available
- Product
- Not available
Detect this vulnerability now!
Check your clients' targets (or your own) for this vulnerability and thousands more! Get proof for validation with our ethical hacking toolkit.