CVE-2024-49215 | Sangoma Asterisk/Certified Asterisk manager.c action_getconfig/action_getconfigJson path traversal

Inserito da Angelo Barbosa | Ott 21, 2024 | CVE

A vulnerability classified as critical has been found in Sangoma Asterisk and Certified Asterisk. This affects the function action_getconfig/action_getconfigJson of the file manager.c. The manipulation leads to path traversal.

This vulnerability is uniquely identified as CVE-2024-49215. The attack needs to be done within the local network. There is no exploit available.

CVE-2024-49215 | Sangoma Asterisk/Certified Asterisk manager.c action_getconfig/action_getconfigJson path traversal

Post correlati

CVE-2024-6451 | AI Engine Plugin up to 2.5.0 on WordPress File Extension logs_path unrestricted upload

CVE-2021-47373 | Linux Kernel up to 4.14.248/4.19.208/5.4.149/5.10.69/5.14.8 gic-v3-its its_vpe_init off-by-one

CVE-2023-50271 | HPE System Management Homepage prior A.3.2.23.09 on HP-UX information disclosure

CVE-2024-25619 | Mastodon up to 3.5.17/4.0.13/4.1.13/4.2.5 OAuth Application operation after expiration (GHSA-7w3c-p9j8-mq3x)