Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sangoma asterisk vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2023-49786
Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk prior to versions 18.20.1, 20.5.1, and 21.0.1; as well as certified-asterisk before 18.9-cert6; Asterisk is susceptible to a DoS due to a race condition in the hello handshake phase of the DTLS ...
Sangoma Certified Asterisk 18.9
Sangoma Certified Asterisk 13.13.0
Sangoma Certified Asterisk 16.8.0
Digium Asterisk 21.0.0
Digium Asterisk
4.9
CVSSv3
CVE-2022-42706
An issue exists in Sangoma Asterisk up to and including 16.28, 17 and 18 up to and including 18.14, 19 up to and including 19.6, and certified up to and including 18.9-cert1. GetConfig, via Asterisk Manager Interface, allows a connected application to access files outside of the ...
Sangoma Asterisk
Sangoma Certified Asterisk 18.9
Sangoma Certified Asterisk
Sangoma Asterisk 20.0.0
4.8
CVSSv3
CVE-2018-15891
An issue exists in FreePBX core prior to 3.0.122.43, 14.0.18.34, and 5.0.1beta4. By crafting a request for adding Asterisk modules, an attacker is able to store JavaScript commands in a module name.
Sangoma Freepbx 15.0.1
Freepbx Freepbx 15.0.1
Sangoma Freepbx
NA
CVE-2023-26566
Sangoma FreePBX 1805 through 2203 on Linux contains hardcoded credentials for the Asterisk REST Interface (ARI), which allows remote malicious users to reconfigure Asterisk and make external and internal calls via HTTP and WebSocket requests sent to the API.
NA
CVE-2014-7235
htdocs_ari/includes/login.php in the ARI Framework module/Asterisk Recording Interface (ARI) in FreePBX prior to 2.9.0.9, 2.10.x, and 2.11 prior to 2.11.1.5 allows remote malicious users to execute arbitrary code via the ari_auth cookie, related to the PHP unserialize function, a...
Freepbx Freepbx 2.10.0.5
Freepbx Freepbx 2.10.0.6
Sangoma Freepbx 2.11.0.2
Sangoma Freepbx 2.11.0.3
Freepbx Freepbx 2.10.0.1
Freepbx Freepbx 2.10.0.2
Freepbx Freepbx 2.10.0.9
Freepbx Freepbx 2.10.0.10
Freepbx Freepbx 2.11.1.1
Freepbx Freepbx 2.11.1.2
Sangoma Freepbx
Freepbx Freepbx 2.10.0.0
Freepbx Freepbx 2.10.0.7
Freepbx Freepbx 2.10.0.8
Sangoma Freepbx 2.11.0.4
Freepbx Freepbx 2.11.1.0
Freepbx Freepbx 2.10.0.3
Freepbx Freepbx 2.10.0.4
Sangoma Freepbx 2.11.0.0
Sangoma Freepbx 2.11.0.1
Freepbx Freepbx 2.11.1.3
Freepbx Freepbx 2.11.1.4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3