FreePBX ajax.php unauthenticated SQLi to RCE

Disclosed
Aug 28, 2025

Description

This module exploits an unauthenticated SQL injection flaw in FreePBX prior to versions 15.0.66, 16.0.89,
and 17.0.3. The vulnerability lies in the /admin/ajax.php endpoint, which is accessible without
authentication. Additionally, because the database user created by FreePBX is permitted to schedule
cron jobs, the injection can be escalated to remote code execution on the target system.
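As an added example (not code from the Metasploit module or the FreePBX project), the following branch-aware check flags FreePBX installs whose reported version is still below the fixed versions named above; versions on branches the description does not mention are reported as unknown rather than guessed, and the inventory values are constructed.

```python
# Added example: branch-aware comparison of reported FreePBX versions against
# the fixed versions given in the module description (15.0.66, 16.0.89, 17.0.3).
from typing import Optional, Tuple

# Fixed version per supported major branch, taken from the description above.
FIXED_VERSIONS = {
    15: (15, 0, 66),
    16: (16, 0, 89),
    17: (17, 0, 3),
}


def parse_version(text: str) -> Optional[Tuple[int, int, int]]:
    """Parse 'MAJOR.MINOR.PATCH'; extra trailing fields are ignored.

    Returns None when the string is not a usable version (e.g. 'n/a').
    """
    parts = text.strip().split(".")
    if len(parts) < 3:
        return None
    try:
        major, minor, patch = (int(p) for p in parts[:3])
    except ValueError:
        return None
    return (major, minor, patch)


def assess(text: str) -> str:
    """Classify a version as 'vulnerable', 'fixed', 'unknown-branch' or 'unparseable'."""
    version = parse_version(text)
    if version is None:
        return "unparseable"
    fixed = FIXED_VERSIONS.get(version[0])
    if fixed is None:
        # The description names no fixed release for this branch, so do not guess.
        return "unknown-branch"
    return "vulnerable" if version < fixed else "fixed"


if __name__ == "__main__":
    # Constructed sample inventory: (hostname, version string as reported by the host).
    inventory = [("pbx-a", "16.0.88"), ("pbx-b", "17.0.3"),
                 ("pbx-c", "14.0.13"), ("pbx-d", "n/a")]
    for host, reported in inventory:
        print(f"{host}: {reported} -> {assess(reported)}")
```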