📦 Certified Asterisk
by Sangoma
🔍 What is Certified Asterisk?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
A local privilege escalation vulnerability in Asterisk's safe_asterisk script allows non-root users with write access to /etc/asterisk to execute arbitrary code as root. This occurs because the script...
This vulnerability in Asterisk PBX allows authenticated attackers to spoof user identities when sending SIP MESSAGE requests, enabling them to send spam messages that appear to come from trusted sourc...
Asterisk contains a buffer overflow vulnerability in the PJSIP_HEADER dialplan function's 'update' functionality. This can cause memory corruption or crashes, potentially leading to denial of service ...
A race condition in Asterisk's DTLS-SRTP handshake allows attackers to cause denial of service by preventing new encrypted calls from being established. This affects Asterisk servers using DTLS-SRTP f...
Asterisk has a vulnerability in its STIR/SHAKEN verification module that allows remote attackers to cause denial of service or potentially execute arbitrary code. This affects Asterisk installations w...
This vulnerability allows cross-site scripting (XSS) attacks in Asterisk's web interface. Attackers can inject malicious scripts via cookies or GET parameters, which execute when users visit the /http...
This CVE describes an XML External Entity (XXE) vulnerability in Asterisk's XML parsing function. It allows attackers to read sensitive files from the host system when untrusted XML is processed. Affe...