asterisk -- AMI user could execute system commands

2019-10-10T00:00:00
ID 49B61AB6-0D04-11EA-87CA-001999F8D30B
Type freebsd
Reporter FreeBSD
Modified 2019-10-10T00:00:00

Description

The Asterisk project reports:

A remote authenticated Asterisk Manager Interface (AMI) user without system authorization could use a specially crafted Originate AMI request to execute arbitrary system commands.