The vulnerability of the AMI interface of Asterisk management systems for IP-telephony devices allows a hacker to gain access to and read arbitrary files.

The vulnerability of the AMI interface of Asterisk management systems for IP-telephony and Certified Asterisk is related to incorrect restrictions on the path name to the restricted directory. Exploiting this vulnerability could allow an attacker, operating remotely, to gain read access to...