Sangoma.Asterisk.manager.c.Command.Execution
Description
This indicates an attack attempt to exploit a Command Injection Vulnerability in Sangoma Certified Asterisk.
This vulnerability is due to a lack of validation on requests to the Asterisk Manager Interface. A remote, authenticated attacker can exploit this vulnerability by sending a crafted AMI request to the target server. Successful exploitation results in the execution of arbitrary commands as the user running asterisk.
Affected Products
Sangoma Asterisk Open Source prior to 13.29.2
Sangoma Asterisk Open Source prior to 16.6.2
Sangoma Asterisk Open Source prior to 17.0.1
Sangoma Certified Asterisk prior to 13.21-cert5
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
http://downloads.asterisk.org/pub/security/AST-2019-007.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |