Unrated severityNVD Advisory· Published Sep 15, 2025· Updated Feb 13, 2026
FreePBX vulnerable to unauthenticated Denial of Service
CVE-2025-59056
Description
FreePBX is an open-source web-based graphical user interface. In FreePBX 15, 16, and 17, malicious connections to the Administrator Control Panel web interface can cause the uninstall function to be triggered for certain modules. This function drops the module's database tables, which is where most modules store their configuration. This vulnerability is fixed in 15.0.38, 16.0.41, and 17.0.21.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- github.com/FreePBX/security-reporting/security/advisories/GHSA-frc2-jhgg-rwprmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.