2 matches found
CVE-2025-57767 Asterisk can crash from a specifically malformed Authorization header in an incoming SIP request
Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.15.2, 21.10.2, and 22.5.2, if a SIP request is received with an Authorization header that contains a realm that wasn't in a previous 401 response's WWW-Authenticate header, or an Authorization header wi...
Asterisk 安全漏洞
Asterisk is an Asterisk open source software for PBX systems that runs on Linux and supports IP calls using SIP, IAX, and H323 protocols. Asterisk version 20.15.2 and versions prior to 22.5.2 have a security vulnerability that stems from the getauthorizationheader function returning NULL resultin...