Sangoma FreePBX authentication bypass vulnerability alert

A serious authentication bypass vulnerability has been disclosed in Sangoma FreePBX. It lets an unauthenticated attacker reach the FreePBX Administrator interface without credentials. The root cause is insufficient sanitization of user-supplied input; successful exploitation can lead to arbitrary changes to the FreePBX database and to remote code execution on the PBX host.


The flaw is classified as SQL injection (CWE-89) chained with authentication bypass using an alternate path or channel (CWE-288): unsanitized input reaches a database query, and the result of that query is what grants access to the administrator session. Whether ransomware groups are exploiting it is not yet known, but the risk is high because FreePBX sits at the core of an organization's telephony.
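The page does not publish the vulnerable FreePBX query, so the following is a generic illustration of the CWE-89 to CWE-288 chain described above, added here as an example and not taken from FreePBX or Sangoma code. It uses an in-memory SQLite table of administrator accounts (constructed sample data), a login check that splices user input into the SQL text, and the same check with bound parameters. The function and table names are assumptions for the example; the password hashing is deliberately simple to keep the block self-contained and is not a recommendation for credential storage.

```python
"""Generic SQL injection -> authentication bypass pattern (CWE-89 leading to CWE-288).

Example code added for illustration; it is not FreePBX's own login logic.
"""
import hashlib
import sqlite3


def setup_db() -> sqlite3.Connection:
    """Create a constructed sample admin table with a single account."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE admins (username TEXT PRIMARY KEY, pw_hash TEXT)")
    # Plain SHA-256 is used only to keep the example dependency-free; a real
    # system stores passwords with a slow, salted hash (bcrypt, scrypt, Argon2).
    conn.execute(
        "INSERT INTO admins VALUES (?, ?)",
        ("admin", hashlib.sha256(b"correct-horse").hexdigest()),
    )
    conn.commit()
    return conn


def _hash(password: str) -> str:
    return hashlib.sha256(password.encode()).hexdigest()


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str):
    """BAD: the username is interpolated into the SQL text (CWE-89).

    Because the session is granted purely on "did the query return a row",
    an attacker controlling the query also controls authentication (CWE-288).
    Returns the authenticated username, or None on failure.
    """
    query = (
        "SELECT username FROM admins WHERE username = '%s' AND pw_hash = '%s'"
        % (username, _hash(password))
    )
    row = conn.execute(query).fetchone()
    return row[0] if row else None


def login_fixed(conn: sqlite3.Connection, username: str, password: str):
    """GOOD: bound parameters keep user input out of the query structure.

    The same payload is now compared as a literal string and matches nothing.
    """
    row = conn.execute(
        "SELECT username FROM admins WHERE username = ? AND pw_hash = ?",
        (username, _hash(password)),
    ).fetchone()
    return row[0] if row else None


# A classic payload: close the string literal, then comment out the password
# check. SQLite treats "--" as a line comment, so the pw_hash clause is ignored.
BYPASS_USERNAME = "admin' -- "


def demo() -> dict:
    """Run both checks with the bypass payload and a bogus password."""
    conn = setup_db()
    return {
        "vulnerable_bypassed": login_vulnerable(conn, BYPASS_USERNAME, "not-the-password"),
        "fixed_bypassed": login_fixed(conn, BYPASS_USERNAME, "not-the-password"),
        "fixed_legit": login_fixed(conn, "admin", "correct-horse"),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result!r}")
```

The point of the example is the second CWE: the application never compares credentials itself, it trusts the database to do so, so any input that changes the query's meaning changes who is logged in. Parameterized queries are the fix; input "sanitization" that tries to strip quotes is not.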


Recommended Actions:

  • Apply the patches or mitigations published by Sangoma immediately.
  • Follow applicable BOD 22-01 guidance for cloud services.
  • Discontinue use of FreePBX if no patch or mitigation is available for your deployment.
  • Monitor the Administrator interface and the FreePBX database for suspicious activity: unexpected administrator logins, newly created admin accounts, and records that changed without a corresponding change ticket.

Promptly addressing this vulnerability is vital to protect your communication systems from potential attacks.


NPAV offers a robust solution to combat cyber fraud. Protect yourself with our top-tier security product, Z Plus Security