{"uuid": "9dae86b1-7a9b-44d6-a0c3-9e9087832b80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-64328", "type": "exploited", "source": "https://t.me/thehackernews/8505", "content": "\ud83d\udea8 WARNING: ~900 Sangoma FreePBX systems remain compromised via CVE-2025-64328, a command injection bug patched in 17.0.3.\n\nThe flaw allows authenticated shell access. Fortinet links the activity to INJ3CTOR3 deploying EncystPHP. Patch and restrict admin access.\n\n\ud83d\udd17 Read \u2192 https://thehackernews.com/2026/02/900-sangoma-freepbx-instances.html", "creation_timestamp": "2026-02-27T19:14:39.000000Z"}