FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions are vulnerable to authentication bypass when the authentication type is set to "webserver." When providing an Authorization header with an arbitrary value, a session is associated with the target user regardless of valid credentials. This issue is fixed in versions 16.0.44 and 17.0.23.
References
| Link | Resource |
|---|---|
| https://github.com/FreePBX/framework/commit/04224253156543cd9932b90458660b2f19fc0e35#diff-72f14a52840a61504a8e03cd195035b44e488aecd634b001bc6412a04bdc940bR20-R50 | Product |
| https://github.com/FreePBX/security-reporting/security/advisories/GHSA-9jvh-mv6x-w698 | Mitigation Vendor Advisory |
| https://www.freepbx.org/watch-what-we-do-with-security-fixes-%f0%9f%91%80 | Vendor Advisory Not Applicable |
Configurations
Configuration 1 (hide)
|
History
02 Feb 2026, 14:47
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://github.com/FreePBX/framework/commit/04224253156543cd9932b90458660b2f19fc0e35#diff-72f14a52840a61504a8e03cd195035b44e488aecd634b001bc6412a04bdc940bR20-R50 - Product | |
| References | () https://github.com/FreePBX/security-reporting/security/advisories/GHSA-9jvh-mv6x-w698 - Mitigation, Vendor Advisory | |
| References | () https://www.freepbx.org/watch-what-we-do-with-security-fixes-%f0%9f%91%80 - Vendor Advisory, Not Applicable | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
| CPE | cpe:2.3:a:sangoma:freepbx:*:*:*:*:*:*:*:* | |
| First Time |
Sangoma freepbx
Sangoma |
09 Dec 2025, 22:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-12-09 22:16
Updated : 2026-02-02 14:47
NVD link : CVE-2025-66039
Mitre link : CVE-2025-66039
CVE.ORG link : CVE-2025-66039
JSON object : View
Products Affected
sangoma
- freepbx
CWE
CWE-287
Improper Authentication