CVE advisoryKnown Exploit
CVE-2025-64328
FreePBX Endpoint Manager Command Injection Vulnerability
Halo Surface Signal: 2 out of 5 — less likely to be public-facing.
A vulnerability in FreePBX Endpoint Manager allows authenticated users to inject commands, potentially granting attackers remote system access. This impacts system integrity and confidentiality. The realistic business risk involves unauthorized data access and system control.