How to fix CVE-2025-55210?

Within 24 hours: Inventory all FreePBX installations and identify those running vulnerable versions (≤17.0.5). Within 7 days: Apply the available patch to all affected systems, prioritizing production environments. Within 30 days: Verify patch deployment across all instances and conduct API access log review for suspicious activity.

Is MySQL affected by CVE-2025-55210?

FreePBX instances running versions up to 17.0.5 are vulnerable to JWT forgery attacks that grant attackers complete API access without authentication.

CVE-2025-55210

HIGH

2026-02-12 [email protected]

7.5

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 22:02 vuln.today

Patch Released

Feb 27, 2026 - 13:05 nvd

Patch available

CVE Published

Feb 12, 2026 - 17:16 nvd

HIGH 7.5

Description

FreePBX is an open-source web-based graphical user interface (GUI) that manages Asterisk. Prior to 17.0.5 and 16.0.17, FreePBX module api (PBX API) is vulnerable to privilege escalation by authenticated users with REST/GraphQL API access. This vulnerability allows an attacker to forge a valid JWT with full access to the REST and GraphQL APIs on a FreePBX that they've already connected to, possibly as a lower privileged user. The JWT is signed using the api-oauth.key private key. An attacker can generate their own token if they possess this key (e.g., by accessing an affected instance), and specify any scopes they wish (e.g., rest, gql), bypassing traditional authorization checks. However, FreePBX enforces that the jti (JWT ID) claim must exist in the database (api_access_tokens table in the asterisk MySQL database) in order for the token to be accepted. Therefore, the attacker must know a jti value that already exists on the target instance. This vulnerability is fixed in 17.0.5 and 16.0.17.

Analysis

Freepbx versions up to 17.0.5 contains a vulnerability that allows attackers to forge a valid JWT with full access to the REST and GraphQL APIs on a FreePBX tha (CVSS 7.5).

Technical Context

affects Freepbx. FreePBX is an open-source web-based graphical user interface (GUI) that manages Asterisk. Prior to 17.0.5 and 16.0.17, FreePBX module api (PBX API) is vulnerable to privilege escalation by authenticated users with REST/GraphQL API access. This vulnerability allows an attacker to forge a valid JWT with full access to the REST and GraphQL APIs on a FreePBX that they've already connected to, possibly as a lower privileged user. The JWT is signed using the api-oauth.key private key. An attacker can

Affected Products

Vendor: Sangoma. Product: Freepbx. Versions: up to 17.0.5.

Remediation

A vendor patch is available — apply it immediately. Fixed in version 17.0.5. Restrict network access to the affected service where possible.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +38

POC: 0

CVE-2025-55210 vulnerability details – vuln.today

Back

CVE-2025-55210

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2025-55210

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code