CVE-2026-23741

🗓️ 06 Feb 2026 16:47:19Reported by GitHub_MType

Root ast_coredumper may source writable /etc/asterisk/ast_debug_tools.conf and execute code.

Reporter	Title	Published	Views	Family All 20
ATTACKERKB	CVE-2026-23741	6 Feb 202616:47	–	attackerkb
AlpineLinux	CVE-2026-23741	6 Feb 202616:47	–	alpinelinux
Circl	CVE-2026-23741	6 Feb 202613:50	–	circl
CNNVD	Asterisk 代码问题漏洞	6 Feb 202600:00	–	cnnvd
Cvelist	CVE-2026-23741 ast_coredumper running as root sources ast_debug_tools.conf from /etc/asterisk; potentially leading to privilege escalation	6 Feb 202616:47	–	cvelist
Debian	[SECURITY] [DLA 4515-1] asterisk security update	30 Mar 202611:17	–	debian
Debian CVE	CVE-2026-23741	6 Feb 202616:47	–	debiancve
Tenable Nessus	Debian dla-4515 : asterisk - security update	30 Mar 202600:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2026-23741	6 Feb 202600:00	–	nessus
EUVD	EUVD-2026-5648	6 Feb 202616:47	–	euvd

NVD

Vulners

Node

sangoma asteriskRange<20.18.2

sangoma asteriskRange21.0.0–21.12.1

sangoma asteriskRange22.0.0–22.8.2

sangoma asteriskRange23.0.0–23.2.2

sangoma certified_asteriskRange≤18.9

sangoma certified_asteriskMatch20.7cert1

sangoma certified_asteriskMatch20.7cert1-rc1

sangoma certified_asteriskMatch20.7cert1-rc2

sangoma certified_asteriskMatch20.7cert2

sangoma certified_asteriskMatch20.7cert3

sangoma certified_asteriskMatch20.7cert4

sangoma certified_asteriskMatch20.7cert5

sangoma certified_asteriskMatch20.7cert6

sangoma certified_asteriskMatch20.7cert7

sangoma certified_asteriskMatch20.7cert8

[
  {
    "vendor": "asterisk",
    "product": "asterisk",
    "versions": [
      {
        "version": "< 23.2.2",
        "status": "affected"
      },
      {
        "version": "< 22.8.2",
        "status": "affected"
      },
      {
        "version": "< 21.12.1",
        "status": "affected"
      },
      {
        "version": "< 20.18.2",
        "status": "affected"
      },
      {
        "version": "< 20.7-cert9",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/asterisk/asterisk/security/advisories/GHSA-rvch-3jmx-3jf3

18 Feb 2026 18:42Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.18.8

EPSS0.00041

SSVC

CWE-427