Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2023-49294 — Path Traversal in Asterisk

CWE-22 — Path Traversal6 documents5 sources

Severity

7.5HIGHNVD

EPSS

17.1%

top 4.99%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Asterisk Digium Asterisk Debian Asterisk +1 more

Timeline

PublishedDec 14

Latest updateMar 28

Description

Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk prior to versions 18.20.1, 20.5.1, and 21.0.1, as well as certified-asterisk prior to 18.9-cert6, it is possible to read any arbitrary file even when the `live_dangerously` is not enabled. This allows arbitrary files to be read. Asterisk versions 18.20.1, 20.5.1, and 21.0.1, as well as certified-asterisk prior to 18.9-cert6, contain a fix for this issue.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages5 packages

▶NVDsangoma/certified_asterisk13.13.0, 16.8.0, 18.9+2

▶NVDdigium/asterisk19.0.0 — 20.5.1+2

▶debiandebian/asterisk< asterisk 1:16.28.0~dfsg-0+deb11u4 (bullseye)

▶CVEListV5asterisk/asterisk< 18.20.1+3

▶Debianasterisk/asterisk< 1:16.28.0~dfsg-0+deb11u4

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

OSV

CVE-2023-49294: Asterisk is an open source private branch exchange and telephony toolkit↗2023-12-14

▶

💥Exploits & PoCs

Exploit-DB

Asterisk AMI - Partial File Content & Path Disclosure (Authenticated)↗2024-03-28

▶

📋Vendor Advisories

Debian

CVE-2023-49294: asterisk - Asterisk is an open source private branch exchange and telephony toolkit. In Ast...↗2023

▶

💬Community

Bugzilla

TRIAGE CVE-2023-49294 asterisk: access to arbitrary files via directory traversal [fedora-all]↗2023-12-14

▶

Bugzilla

TRIAGE CVE-2023-49294 asterisk: access to arbitrary files via directory traversal [epel-all]↗2023-12-14

▶