CVE report

CVE-2025-64328criticalKEV

FreePBX >= 17.0.2.36 && < 17.0.3 - Authenticated Command Injection

Events 7d

93

Distinct IPs

13

Severity

critical

CISA KEV

Actively exploited

Daily probe volume (last 7 days)

peak: 31
2026-05-14: 11 events05-142026-05-15: 24 events05-152026-05-16: 31 events05-162026-05-17: 4 events05-172026-05-19: 3 events05-192026-05-20: 20 events05-20

Downloads & integrations

Top sources probing for CVE-2025-64328

URL patterns we match

An event counts toward CVE-2025-64328 if its URL path contains any of these substrings (case-insensitive).

  • · /admin/ajax.php
  • · /admin/config.php