CVE-2025-61678 | FreePBX Endpoint Manager up to 16.0.91/17.0.5 fwbrand unrestricted upload (GHSA-7p8x-8m3m-58j9)

A vulnerability, which was classified as critical, has been found in FreePBX Endpoint Manager up to 16.0.91/17.0.5. Affected is an unknown function. This manipulation of the argument fwbrand causes unrestricted upload.

This vulnerability is registered as CVE-2025-61678. Remote exploitation of the attack is possible. No exploit is available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More