CVE-2025-47779

🗓️ 22 May 2025 16:54:26Reported by GitHub_MType

Vulnerable Asterisk versions allow attackers to spoof identities and send spam messages. Patch available.

Reporter	Title	Published	Views	Family All 25
AlpineLinux	CVE-2025-47779	22 May 202516:54	–	alpinelinux
Circl	CVE-2025-47779	22 May 202517:43	–	circl
CNNVD	Asterisk 安全漏洞	22 May 202500:00	–	cnnvd
Cvelist	CVE-2025-47779 Using malformed From header can forge identity with ";" or NULL in name portion	22 May 202516:54	–	cvelist
Debian	[SECURITY] [DLA 4206-1] asterisk security update	2 Jun 202521:26	–	debian
Debian CVE	CVE-2025-47779	22 May 202516:54	–	debiancve
Tenable Nessus	Debian dla-4206 : asterisk - security update	2 Jun 202500:00	–	nessus
Tenable Nessus	Fedora 44 : asterisk (2026-38d71393c1)	30 Apr 202600:00	–	nessus
Tenable Nessus	Fedora 43 : asterisk (2026-80b21debe7)	30 Apr 202600:00	–	nessus
Tenable Nessus	Fedora 42 : asterisk (2026-98decbde87)	30 Apr 202600:00	–	nessus

NVD

Vulners

Node

sangoma asteriskRange<18.26.2

sangoma asteriskRange20.0.0–20.14.1

sangoma asteriskRange21.0.0–21.9.1

sangoma asteriskRange22.0.0–22.4.1

Node

sangoma certified_asteriskRange<18.9

sangoma certified_asteriskMatch18.9-

sangoma certified_asteriskMatch18.9cert1

sangoma certified_asteriskMatch18.9cert1-rc1

sangoma certified_asteriskMatch18.9cert10

sangoma certified_asteriskMatch18.9cert11

sangoma certified_asteriskMatch18.9cert12

sangoma certified_asteriskMatch18.9cert13

sangoma certified_asteriskMatch18.9cert2

sangoma certified_asteriskMatch18.9cert3

sangoma certified_asteriskMatch18.9cert4

sangoma certified_asteriskMatch18.9cert5

sangoma certified_asteriskMatch18.9cert6

sangoma certified_asteriskMatch18.9cert7

sangoma certified_asteriskMatch18.9cert8

sangoma certified_asteriskMatch18.9cert8-rc1

sangoma certified_asteriskMatch18.9cert8-rc2

sangoma certified_asteriskMatch18.9cert9

sangoma certified_asteriskMatch20.7cert1

sangoma certified_asteriskMatch20.7cert1-rc1

sangoma certified_asteriskMatch20.7cert1-rc2

sangoma certified_asteriskMatch20.7cert2

sangoma certified_asteriskMatch20.7cert3

sangoma certified_asteriskMatch20.7cert4

[
  {
    "vendor": "asterisk",
    "product": "asterisk",
    "versions": [
      {
        "version": "< 18.9-cert14",
        "status": "affected"
      },
      {
        "version": ">= 18.10, < 18.26.2",
        "status": "affected"
      },
      {
        "version": ">= 20.0, < 20.7-cert5",
        "status": "affected"
      },
      {
        "version": ">= 20.8, < 20.14.1",
        "status": "affected"
      },
      {
        "version": ">= 21.0, < 21.9.1",
        "status": "affected"
      },
      {
        "version": ">= 22.0, < 22.4.1",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/asterisk/asterisk/blob/master/configs/samples/pjsip.conf.sample
github	www.github.com/asterisk/asterisk/security/advisories/GHSA-2grh-7mhv-fcfw
lists	www.lists.debian.org/debian-lts-announce/2025/06/msg00003.html

03 Nov 2025 20:19Current

7.6High risk

Vulners AI Score7.6

CVSS 3.16.5 - 7.7

EPSS0.00279

SSVC