CRITICAL🇵🇱 Wersja polska

CVE-2024-57520

CVSS 9.8v3.1pub. 2025-02-05upd. 2025-11-06

Insecure Permissions vulnerability in asterisk v22 allows a remote attacker to execute arbitrary code via the action_createconfig function. NOTE: this is disputed by the Supplier because the impact is limited to creating empty files outside of the Asterisk product directory (aka directory traversal) and the attack can only be performed by a privileged user who has the ability to manage the configuration.

🤖 AI Analysis
How it works

The vulnerability classified as CWE-732 (improper resource permissions) results from lack of proper path validation in the action_createconfig function. An attacker can use this function to create empty files in locations outside the Asterisk directory, which is a classic path traversal. However, the vendor notes that this operation requires a logged-in user with configuration management permissions and is not available to anonymous attackers.

Impact

An attacker with appropriate permissions can create empty files in arbitrary locations on the server's file system. The vendor disputes the possibility of full RCE, indicating that the impact is limited to writing empty files outside the product directory.

Mitigation & patch

Apply patches available from the vendor according to the references. Since the attack requires privileged access, additionally apply the principle of least privilege and restrict access to the Asterisk management interface exclusively to trusted users and networks.

Who is affected

Sangoma Asterisk v22

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Sangoma Asterisk

    APP
    Sangoma
    22.0.0 – 22.5.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEPath Traversal
CWE
References

Related vulnerabilities

CVE-2022-21723CRITICAL9.1ten sam produkt

PJSIP is a free and open source multimedia communication library written in C language implementing standard b...

CVE-2025-1131HIGH7.0ten sam produkt

A local privilege escalation vulnerability exists in the safe_asterisk script included with the Asterisk toolk...

CVE-2025-57767HIGH7.5ten sam produkt

Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.15.2, 21.10.2, ...

CVE-2025-47779HIGH7.7ten sam produkt

Asterisk is an open-source private branch exchange (PBX). Prior to versions 18.26.2, 20.14.1, 21.9.1, and 22.4...

CVE-2022-37325HIGH7.5ten sam produkt

In Sangoma Asterisk through 16.28.0, 17.x and 18.x through 18.14.0, and 19.x through 19.6.0, an incoming Setup...