CVE report
CVE-2025-64328criticalKEV
FreePBX >= 17.0.2.36 && < 17.0.3 - Authenticated Command Injection
Events 7d
93
Distinct IPs
13
Severity
critical
CISA KEV
Actively exploited
Daily probe volume (last 7 days)
peak: 31Downloads & integrations
Top sources probing for CVE-2025-64328
- 187.17.228.21821 eventsBrazil· LANTEC COMUNICACAO MULTIMIDIA LTDA
- 45.188.123.4517 eventsBrazil· REDE CONNECT TELECOMUNICACOES LTDA
- 110.10.176.4813 eventsSouth Korea· SK Broadband Co Ltd
- 178.214.76.1728 eventsPalestine· Gemzo information technology Private Joint-Stock company
- 175.126.148.686 eventsSouth Korea· SK Broadband Co Ltd
- 178.128.212.466 eventsSingapore· DigitalOcean, LLC
- 189.84.238.2466 eventsBrazil· UFINET PANAMA S.A.
- 167.250.224.304 eventsBrazil· OSCAR M DE CARVALHO - ME
- 45.194.99.2133 eventsSouth Korea· DAOU TECHNOLOGY
- 103.117.202.63 eventsIndia· Protoact Digital Network Pvt. Ltd.
- 167.250.224.252 eventsBrazil· OSCAR M DE CARVALHO - ME
- 45.194.99.2152 eventsSouth Korea· DAOU TECHNOLOGY
- 101.36.125.582 eventsHong Kong· UCLOUD INFORMATION TECHNOLOGY HK LIMITED
URL patterns we match
An event counts toward CVE-2025-64328 if its URL path contains any of these substrings (case-insensitive).
- · /admin/ajax.php
- · /admin/config.php