CVE-2024-42365

HIGH · EPSS 90.7%
Published Aug 8, 2024 · Last Modified Jun 17, 2026
8.8 CVSS 3.1 (High)

Description

Asterisk is an open source private branch exchange (PBX) and telephony toolkit. Prior to asterisk versions 18.24.2, 20.9.2, and 21.4.2 and certified-asterisk versions 18.9-cert11 and 20.7-cert2, an AMI user with `write=originate` may change all configuration files in the `/etc/asterisk/` directory. This occurs because they are able to curl remote files and write them to disk, but are also able to append to existing files using the `FILE` function inside the `SET` application. This issue may result in privilege escalation, remote code execution and/or blind server-side request forgery with arbitrary protocol. Asterisk versions 18.24.2, 20.9.2, and 21.4.2 and certified-asterisk versions 18.9-cert11 and 20.7-cert2 contain a fix for this issue.
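The description gives a responder two things to check: which AMI accounts hold the `originate` write class (directly, or through `all`), and whether the installed build predates the fixed releases it names. The helper below is an added example written for this page, not Asterisk project code. It assumes manager.conf is a flat file (no `#include` or template inheritance), unions repeated `read`/`write` lines as a conservative audit choice, returns None for branches the description does not name (such as 19.x), and the sample manager.conf is constructed for the example.

```python
"""Audit helpers for CVE-2024-42365: list AMI accounts that can Originate, and
compare an Asterisk version string with the fixed releases in the description.
Added example for this page; not Asterisk project code."""
import re
from dataclasses import dataclass, field

# Fixed releases taken from the CVE description, keyed by (major branch, certified?).
# Branches the description does not name (e.g. 19.x) are absent and yield None.
FIXED = {
    (18, False): "18.24.2",
    (20, False): "20.9.2",
    (21, False): "21.4.2",
    (18, True): "18.9-cert11",
    (20, True): "20.7-cert2",
}

_VER_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?:-cert(\d+))?$")


def parse_version(s):
    """'18.24.2' -> (18, 24, 2, None); '18.9-cert11' -> (18, 9, 0, 11)."""
    m = _VER_RE.match(s.strip())
    if not m:
        raise ValueError(f"unrecognised Asterisk version string: {s!r}")
    major, minor, patch, cert = m.groups()
    return (int(major), int(minor), int(patch or 0), None if cert is None else int(cert))


def _sort_key(v):
    return (v[0], v[1], v[2], -1 if v[3] is None else v[3])


def is_vulnerable(version):
    """True if `version` predates the fix on its branch, False if fixed,
    None when the description names no fixed release for that branch."""
    v = parse_version(version)
    fixed = FIXED.get((v[0], v[3] is not None))
    if fixed is None:
        return None
    return _sort_key(v) < _sort_key(parse_version(fixed))


@dataclass
class AmiUser:
    name: str
    read: set = field(default_factory=set)
    write: set = field(default_factory=set)
    acl: list = field(default_factory=list)  # permit/deny lines, in file order


def parse_manager_conf(text):
    """Minimal reader for manager.conf: [section] headers, 'key = value' or
    'key => value' lines, ';' comments. Assumption: flat file, no #include or
    templates; repeated read/write lines are unioned (conservative for an audit)."""
    users, section = {}, None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()
        if not line:
            continue
        m = re.match(r"^\[([^\]]+)\]", line)
        if m:
            section = m.group(1)
            if section != "general":
                users[section] = AmiUser(section)
            continue
        if section in (None, "general") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        key, value = key.strip().lower(), value.lstrip(">").strip()
        user = users[section]
        if key in ("read", "write"):
            getattr(user, key).update(c.strip().lower() for c in value.split(",") if c.strip())
        elif key in ("permit", "deny"):
            user.acl.append((key, value))
    return users


def can_originate(user):
    """`all` grants every write class; otherwise `originate` must be listed explicitly."""
    return "all" in user.write or "originate" in user.write


def originate_capable_users(conf_text):
    """Accounts that can reach the Originate -> Set -> FILE() path on an unpatched build."""
    return sorted(n for n, u in parse_manager_conf(conf_text).items() if can_originate(u))


# Constructed sample manager.conf for the example; not from any real deployment.
SAMPLE_MANAGER_CONF = """\
[general]
enabled = yes
port = 5038
bindaddr = 0.0.0.0

[monitor]               ; dashboard account, read-only
secret = s3cret-monitor
read = system,call,log
write =

[dialer]                ; click-to-dial integration, needs originate
secret = s3cret-dialer
deny = 0.0.0.0/0.0.0.0
permit = 10.0.0.0/255.0.0.0
read = call
write = originate

[admin]
secret => s3cret-admin  ; 'key => value' form
read = all
write = all
"""
```

Run `originate_capable_users(SAMPLE_MANAGER_CONF)` together with `is_vulnerable()` on the output of `asterisk -V`; accounts that come back with an empty `acl` list are reachable from any host that can connect to the AMI port and are the ones to restrict first while the upgrade is scheduled.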

CVSS Details

Base Score
8.8
Exploitability
2.8
Impact
5.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
90.7% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 2

CWE-1220 Insufficient Granularity of Access Control
CWE-267 Privilege Defined With Unsafe Actions

Affected Products 56

Vendor   | Product            | Version | Range
asterisk | asterisk           | *       | <18.24.2
asterisk | asterisk           | *       | ≥19.0.0 – <20.9.1
asterisk | asterisk           | 21.4.0  | any
asterisk | certified_asterisk | 13.13.0 | any
asterisk | certified_asterisk | 16.8    | any
asterisk | certified_asterisk | 16.8.0  | any
asterisk | certified_asterisk | 18.9    | any
asterisk | certified_asterisk | 20.7    | any

Unique vendor/product/version rows from the 56 CPE entries. Note that the CPE range for the 20.x branch ends at <20.9.1 while the description gives 20.9.2 as the fixed release, and the 21.x and certified_asterisk entries carry no range; when checking an installed build, compare against the fixed versions stated in the description.

References 9

  • github.com https://github.com/asterisk/asterisk/blob/14367caaf7241df1eceea7c45c5b261989c2c6db/main/manager.c#L6426
    Issue Tracking
  • github.com https://github.com/asterisk/asterisk/blob/7d28165cb1b2d02d66e8693bd3fe23ee72fc55d8/main/manager.c#L6426
    Issue Tracking
  • github.com https://github.com/asterisk/asterisk/commit/42a2f4ccfa2c7062a15063e765916b3332e34cc4
    Patch
  • github.com https://github.com/asterisk/asterisk/commit/7a0090325bfa9d778a39ae5f7d0a98109e4651c8
    Patch
  • github.com https://github.com/asterisk/asterisk/commit/b4063bf756272254b160b6d1bd6e9a3f8e16cc71
    Patch
  • github.com https://github.com/asterisk/asterisk/commit/bbe68db10ab8a80c29db383e4dfe14f6eafaf993
    Patch
  • github.com https://github.com/asterisk/asterisk/commit/faddd99f2b9408b524e5eb8a01589fe1fa282df2
    Patch
  • github.com https://github.com/asterisk/asterisk/security/advisories/GHSA-c4cg-9275-6w44
    Exploit, Technical Description, Vendor Advisory
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2024/10/msg00016.html

Remediation

Upgrade to Asterisk 18.24.2, 20.9.2 or 21.4.2, or certified-asterisk 18.9-cert11 or 20.7-cert2; Debian users should see the debian-lts-announce reference above. Until the upgrade is applied, the exposure is limited to AMI accounts whose `write` permission includes `originate` (or `all`): review manager.conf, remove that class from accounts that do not need it, and restrict the remaining ones to trusted hosts with `permit`/`deny` entries. Because the write lands in /etc/asterisk/ and the description lists privilege escalation and remote code execution as outcomes, treat any such account whose credentials may have been exposed as equivalent to shell access on the PBX host.

Patch commits:

  • github.com https://github.com/asterisk/asterisk/commit/42a2f4ccfa2c7062a15063e765916b3332e34cc4
    Patch
  • github.com https://github.com/asterisk/asterisk/commit/7a0090325bfa9d778a39ae5f7d0a98109e4651c8
    Patch
  • github.com https://github.com/asterisk/asterisk/commit/b4063bf756272254b160b6d1bd6e9a3f8e16cc71
    Patch
  • github.com https://github.com/asterisk/asterisk/commit/bbe68db10ab8a80c29db383e4dfe14f6eafaf993
    Patch
  • github.com https://github.com/asterisk/asterisk/commit/faddd99f2b9408b524e5eb8a01589fe1fa282df2
    Patch