Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sangoma certified asterisk vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-26717
An issue exists in Sangoma Asterisk 16.x prior to 16.16.1, 17.x prior to 17.9.2, and 18.x prior to 18.2.1 and Certified Asterisk prior to 16.8-cert6. When re-negotiating for T.38, if the initial remote response was delayed just enough, Asterisk would send both audio and T.38 in t...
Digium Asterisk
Digium Certified Asterisk 16.8
5
CVSSv2
CVE-2019-18976
An issue exists in res_pjsip_t38.c in Sangoma Asterisk up to and including 13.x and Certified Asterisk up to and including 13.21-x. If it receives a re-invite initiating T.38 faxing and has a port of 0 and no c line in the SDP, a NULL pointer dereference and crash will occur. Thi...
Digium Certified Asterisk 13.21
Digium Asterisk
Debian Debian Linux 9.0
9
CVSSv2
CVE-2019-18610
An issue exists in manager.c in Sangoma Asterisk up to and including 13.x, 16.x, 17.x and Certified Asterisk 13.21 up to and including 13.21-cert4. A remote authenticated Asterisk Manager Interface (AMI) user without system authorization could use a specially crafted Originate AM...
Digium Certified Asterisk 13.21.0
Digium Asterisk
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5.8
CVSSv2
CVE-2019-18790
An issue exists in channels/chan_sip.c in Sangoma Asterisk 13.x prior to 13.29.2, 16.x prior to 16.6.2, and 17.x prior to 17.0.1, and Certified Asterisk 13.21 before cert5. A SIP request can be sent to Asterisk that can change a SIP peer's IP address. A REGISTER does not nee...
Digium Certified Asterisk 13.21.0
Digium Asterisk
Debian Debian Linux 8.0
Debian Debian Linux 9.0
5
CVSSv2
CVE-2021-32558
An issue exists in Sangoma Asterisk 13.x prior to 13.38.3, 16.x prior to 16.19.1, 17.x prior to 17.9.4, and 18.x prior to 18.5.1, and Certified Asterisk prior to 16.8-cert10. If the IAX2 channel driver receives a packet that contains an unsupported media format, a crash can occur...
Digium Asterisk
Digium Certified Asterisk 16.8
Debian Debian Linux 9.0
Debian Debian Linux 11.0
NA
CVE-2021-46837
res_pjsip_t38 in Sangoma Asterisk 16.x prior to 16.16.2, 17.x prior to 17.9.3, and 18.x prior to 18.2.2, and Certified Asterisk prior to 16.8-cert7, allows an malicious user to trigger a crash by sending an m=image line and zero port in a response to a T.38 re-invite initiated by...
Asterisk Certified Asterisk 16.8.0
Digium Asterisk
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2