cbcvebase.
CVE-2010-0685
published 2010-02-23

CVE-2010-0685: The design of the dialplan functionality in Asterisk Open Source 1.2.x, 1.4.x, and 1.6.x; and Asterisk Business Edition B.x.x and C.x.x, when using the…

PriorityP420medium5CVSS 2.0
AVNACLAuNCNIPAN
EPSS
1.38%
68.7th percentile
The design of the dialplan functionality in Asterisk Open Source 1.2.x, 1.4.x, and 1.6.x; and Asterisk Business Edition B.x.x and C.x.x, when using the ${EXTEN} channel variable and wildcard pattern matches, allows context-dependent attackers to inject strings into the dialplan using metacharacters that are injected when the variable is expanded, as demonstrated using the Dial application to process a crafted SIP INVITE message that adds an unintended outgoing channel leg. NOTE: it could be argued that this is not a vulnerability in Asterisk, but a class of vulnerabilities that can occur in any program that uses this feature without the associated filtering functionality that is already available.

Affected

99 ranges· showing 25
VendorProductVersion rangeFixed in
debianasterisk< asterisk 1:1.6.2.6-1 (bullseye)asterisk 1:1.6.2.6-1 (bullseye)
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk

CVSS provenance

nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:P/A:N
osv5.0MEDIUM
vendor_debian5.0MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.