#command-injection-vulnerability
#command-injection-vulnerability

[ follow ]

Information security

900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks

Over 900 Sangoma FreePBX instances remain infected with web shells from CVE-2025-64328 exploitation, with 401 located in the U.S., actively exploited by threat actors delivering EncystPHP web shells.

fromSecurityWeek

6 hours ago

Information security

900 Sangoma FreePBX Instances Infected With Web Shells

Approximately 900 Sangoma FreePBX instances remain infected with web shells following exploitation of CVE-2025-64328, a post-authentication command injection vulnerability patched in November 2025.

fromThe Hacker News

1 hour ago

Information security

900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks

fromSecurityWeek

6 hours ago

Information security

900 Sangoma FreePBX Instances Infected With Web Shells

more#freepbx-security

[ Load more ]

#command-injection-vulnerability#command-injection-vulnerability

900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks

900 Sangoma FreePBX Instances Infected With Web Shells

900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks

900 Sangoma FreePBX Instances Infected With Web Shells

#command-injection-vulnerability
#command-injection-vulnerability