ROS-20250121-08

Vulnerability of Asterisk management systems is related to improper access restrictions for users with the the "write=originate" role. Exploitation of the vulnerability could allow an attacker acting remotely, escalate privileges on the system...

PT-2023-7804 · Asterisk +3 · Asterisk +3

Name of the Vulnerable Software and Affected Versions: Asterisk versions prior to 18.20.1, 20.5.1, and 21.0.1 certified-asterisk versions prior to 18.9-cert6 Description: The issue is related to the Asterisk Management Interface AMI and is caused by incorrect restriction of the directory path nam...

FreePBX Remote Command Execution Vulnerability (CNVD-2016-08542)

FreePBX formerly known as Asterisk Management Portal is a set of tools from the FreePBX project for configuring Asterisk IP telephony system through a GUI web-based graphical interface. A remote command execution vulnerability exists in the FreePBX 'admin/modules/hotelwakeup/Hotelwakeup.class.php...

FreePBX Detection

The remote web server hosts FreePBX, an open source Asterisk management application written in PHP. C Tenable, Inc. include"compat.inc"; if description scriptid49997; scriptversion"1.11"; scriptsetattributeattribute:"pluginmodificationdate", value:"2026/02/05"; scriptnameenglish:"FreePBX...

asteridex-exec.txt

Hoku Security Vulnerability Advisory Title: AsteriDex remote command execution Vendor URL: http://bestof.nerdvittles.com/applications/asteridex/ Type: Command injection / remote code execution Vulnerable versions: = 3.0 Risk factor: High Popularity: Low Author: Carl Livitt Contact: [email protected]...

AsteriDex (Asterisk / Trixbox) remote code execution

Hoku Security Vulnerability Advisory Title: AsteriDex remote command execution Vendor URL: http://bestof.nerdvittles.com/applications/asteridex/ Type: Command injection / remote code execution Vulnerable versions: = 3.0 Risk factor: High Popularity: Low Author: Carl Livitt Contact: [email protected]...