Asterisk AMI 18.20.0 File Content / Path Disclosure

Exploit Title: Asterisk AMI - Partial File Content & Path Disclosure Authenticated Date: 2023-03-26 Exploit Author: Sean Pesce Vendor Homepage: https://asterisk.org/ Software Link: https://downloads.asterisk.org/pub/telephony/asterisk/old-releases/ Version: 18.20.0 Tested on: Debian Linux CVE:...

Node.js VoIP penetration testing framework : Bluebox-ng

Bluebox-ng : Node.js VoIP penetration testing framework Features Auto VoIP/UC penetration test Report generation Performance RFC compliant SIP TLS and IPv6 support SIP over websockets and WSS support RFC 7118 SHODAN, exploitsearch.net and Google Dorks SIP common security tools scan,...

CVE-2014-8412

The 1 VoIP channel drivers, 2 DUNDi, and 3 Asterisk Manager Interface AMI in Asterisk Open Source 1.8.x before 1.8.32.1, 11.x before 11.14.1, 12.x before 12.7.1, and 13.x before 13.0.1 and Certified Asterisk 1.8.28 before 1.8.28-cert3 and 11.6 before 11.6-cert8 allows remote attackers to bypass t...