CNNVD-202512-1090 Information
CNNVD ID
CNNVD-202512-1090
Related CVE
- CNNVD Published: 2025-12-09
Description (Chinese)
FreePBX Endpoint Manager是FreePBX开源的一款集中管理IP电话终端配置模块。 FreePBX Endpoint Manager存在授权问题漏洞,该漏洞源于身份验证绕过,可能导致未经授权的访问。
Description (English)
FreePBX Endpoint Manager is a centralized IP telephone terminal configuration module for FreePBX open source. FreePBX Endpoint Manager has a mandate gap, which stems from a circumvention of identification, which may lead to unauthorized access.
Hazard Level
Low
Vulnerability Type
授权问题
Affected Vendor
FreePBX
Published
2025-12-09
Last Modified
2026-02-24
References
https://github.com/FreePBX/security-reporting/security/advisories/GHSA-9jvh-mv6x-w698 https://www.freepbx.org/watch-what-we-do-with-security-fixes-%f0%9f%91%80 https://github.com/FreePBX/framework/commit/04224253156543cd9932b90458660b2f19fc0e35#diff-72f14a52840a61504a8e03cd195035b44e488aecd634b001bc6412a04bdc940bR20-R50 https://access.redhat.com/security/cve/cve-2025-66039
Patch
https://www.freepbx.org/downloads/
Share on: