The vulnerability of Asterisk management systems, related to deficiencies in access control, allows attackers to escalate their privileges.

The vulnerability of Asterisk management systems is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to gain increased privileges...

ROS-20250121-08

Vulnerability of Asterisk management systems is related to improper access restrictions for users with the the "write=originate" role. Exploitation of the vulnerability could allow an attacker acting remotely, escalate privileges on the system...

PT-2023-7804 · Asterisk +3 · Asterisk +3

Name of the Vulnerable Software and Affected Versions: Asterisk versions prior to 18.20.1, 20.5.1, and 21.0.1 certified-asterisk versions prior to 18.9-cert6 Description: The issue is related to the Asterisk Management Interface AMI and is caused by incorrect restriction of the directory path nam...

The vulnerability of the app_minivm module in the MinivmNotify application of Asterisk and Certified Asterisk management systems allows a perpetrator to execute arbitrary commands.

The vulnerability of the appminivm module in the MinivmNotify application of the Asterisk control system and Certified Asterisk is related to insufficient validation of input data transmitted using the “externnotify” option. The identifier’s name and number, obtained from an unreliable source, ar...

FreePBX Remote Command Execution Vulnerability (CNVD-2016-08542)

FreePBX formerly known as Asterisk Management Portal is a set of tools from the FreePBX project for configuring Asterisk IP telephony system through a GUI web-based graphical interface. A remote command execution vulnerability exists in the FreePBX 'admin/modules/hotelwakeup/Hotelwakeup.class.php...

FreePBX Detection

The remote web server hosts FreePBX, an open source Asterisk management application written in PHP. C Tenable, Inc. include"compat.inc"; if description scriptid49997; scriptversion"1.11"; scriptsetattributeattribute:"pluginmodificationdate", value:"2026/02/05"; scriptnameenglish:"FreePBX...

asteridex-exec.txt

Hoku Security Vulnerability Advisory Title: AsteriDex remote command execution Vendor URL: http://bestof.nerdvittles.com/applications/asteridex/ Type: Command injection / remote code execution Vulnerable versions: = 3.0 Risk factor: High Popularity: Low Author: Carl Livitt Contact: [email protected]...

AsteriDex (Asterisk / Trixbox) remote code execution

Hoku Security Vulnerability Advisory Title: AsteriDex remote command execution Vendor URL: http://bestof.nerdvittles.com/applications/asteridex/ Type: Command injection / remote code execution Vulnerable versions: = 3.0 Risk factor: High Popularity: Low Author: Carl Livitt Contact: [email protected]...