asterisk asterisk a vulnerabilities and exploits
1000
VMScore
CVE-2020-5722
The HTTP interface of the Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via a crafted HTTP request. An attacker can use this vulnerability to execute shell commands as root on versions prior to 1.0.19.20 or inject HTML in password recovery emai...
Grandstream Ucm6200 Firmware
1 EDB exploit
1 Metasploit module
1000
VMScore
CVE-2014-7235
htdocs_ari/includes/login.php in the ARI Framework module/Asterisk Recording Interface (ARI) in FreePBX prior to 2.9.0.9, 2.10.x, and 2.11 prior to 2.11.1.5 allows remote malicious users to execute arbitrary code via the ari_auth cookie, related to the PHP unserialize function, a...
Freepbx Freepbx 2.10.0.10
Freepbx Freepbx 2.10.0.3
Freepbx Freepbx 2.10.0.1
Freepbx Freepbx 2.11.1.1
Freepbx Freepbx 2.11.1.4
Freepbx Freepbx 2.11.1.3
Freepbx Freepbx 2.10.0.2
Freepbx Freepbx 2.10.0.8
Freepbx Freepbx 2.10.0.5
Freepbx Freepbx 2.10.0.6
Freepbx Freepbx 2.10.0.4
Freepbx Freepbx 2.10.0.7
Freepbx Freepbx 2.11.1.0
Freepbx Freepbx 2.10.0.0
Freepbx Freepbx 2.10.0.9
Freepbx Freepbx 2.11.1.2
Sangoma Freepbx
Sangoma Freepbx 2.11.0.0
Sangoma Freepbx 2.11.0.1
Sangoma Freepbx 2.11.0.2
Sangoma Freepbx 2.11.0.3
Sangoma Freepbx 2.11.0.4
1 EDB exploit
958
VMScore
CVE-2018-11776
Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and, at the same time, its upper package has no or...
Apache Struts
3 EDB exploits
45 Github repositories
3 Articles
940
VMScore
CVE-2019-10662
Grandstream UCM6204 prior to 1.0.19.20 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the backupUCMConfig file-backup parameter to the /cgi? URI.
Grandstream Ucm6204 Firmware
1 Metasploit module
905
VMScore
CVE-2009-0351
Stack-based buffer overflow in WFTPSRV.exe in WinFTP 2.3.0 allows remote authenticated users to execute arbitrary code via a long LIST argument beginning with an * (asterisk) character.
Wftpserver Winftp Ftp Server 2.3.0
1 EDB exploit
890
VMScore
CVE-2011-0372
The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x up to and including 1.5.x allows remote malicious users to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31640.
Cisco Telepresence System Software 1.2.3
Cisco Telepresence System Software 1.3.2
Cisco Telepresence System Software 1.4.7
Cisco Telepresence System Software 1.5.1
Cisco Telepresence System Software 1.5.3
Cisco Telepresence System Software 1.5.10
Cisco Telepresence System Software 1.5.11
Cisco Telepresence System Software 1.5.12
Cisco Telepresence System Software 1.5.13
Cisco Telepresence System 1000
Cisco Telepresence System 1100
Cisco Telepresence System 3000
Cisco Telepresence System 1300 Series
Cisco Telepresence System 3200 Series
Cisco Telepresence System 500 Series
890
VMScore
CVE-2011-0376
The TFTP implementation on Cisco TelePresence endpoint devices with software 1.2.x up to and including 1.5.x, 1.6.0, and 1.6.1 allows remote malicious users to obtain sensitive information via a GET request, aka Bug ID CSCte43876.
Cisco Telepresence System Software 1.2.3
Cisco Telepresence System Software 1.3.2
Cisco Telepresence System Software 1.4.7
Cisco Telepresence System Software 1.5.1
Cisco Telepresence System Software 1.5.3
Cisco Telepresence System Software 1.5.10
Cisco Telepresence System Software 1.5.11
Cisco Telepresence System Software 1.5.12
Cisco Telepresence System Software 1.5.13
Cisco Telepresence System 1000
Cisco Telepresence System 1100
Cisco Telepresence System 3000
Cisco Telepresence System 1300 Series
Cisco Telepresence System 3200 Series
Cisco Telepresence System Software 1.6.0
Cisco Telepresence System Software 1.6.1
Cisco Telepresence System 500 Series
890
VMScore
CVE-2007-2488
The IAX2 channel driver (chan_iax2) in Asterisk prior to 20070504 does not properly null terminate data, which allows remote malicious users to trigger loss of transmitted data, and possibly obtain sensitive information (memory contents) or cause a denial of service (application ...
Asterisk Asterisk
828
VMScore
CVE-2021-37706
PJSIP is a free and open source multimedia communication library written in C that implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions, if the incoming STUN message contains an ERROR-CODE attribute, the header length is not ch...
Teluu Pjsip
Asterisk Certified Asterisk 16.8.0
Asterisk Certified Asterisk
Sangoma Asterisk
Debian Debian Linux 9.0
Debian Debian Linux 10.0
828
VMScore
CVE-2008-1390
The AsteriskGUI HTTP server in Asterisk Open Source 1.4.x prior to 1.4.19-rc3 and 1.6.x prior to 1.6.0-beta6, Business Edition C.x.x before C.1.6, AsteriskNOW prior to 1.0.2, Appliance Developer Kit before revision 104704, and s800i 1.0.x prior to 1.1.0.2 generates insufficiently...
Asterisk Asterisk 1.4.12
Asterisk Asterisk 1.4.13
Asterisk Asterisk Appliance Developer Kit 0.3
Asterisk Asterisk Appliance Developer Kit 0.6
Asterisk Asterisk 1.4.18.1
Asterisk S800i 1.0
Asterisk Asterisknow Beta 7
Asterisk S800i 1.0.2
Asterisk Asterisk 1.6
Asterisk Asterisk 1.4.11
Asterisk Asterisk 1.4 Revision 95946
Asterisk Asterisknow Beta 6
Asterisk Asterisknow Beta 5
Asterisk Asterisk 1.4.3
Asterisk Asterisk 1.4 Beta
Asterisk Asterisk Business Edition C.1.0-beta8
Asterisk Asterisk 1.4.14
Asterisk S800i 1.1.0
Asterisk Asterisk 1.4.5
Asterisk Asterisk 1.4.9
Asterisk Asterisk 1.4.6
Asterisk Asterisk 1.4.17