Digium Asterisk app_minivm Caller-ID Command Execution (CVE-2017-14100)
A command execution vulnerability exists in Digium Asterisk. The vulnerability is due to insufficient validation of Caller-IDs within SIP requests when the MinivmNotify dialplan function is used with an external notification program. A remote, authenticated attacker could exploit this vulnerabili...