CNNVD-202508-065 Information
Aug 01, 2025
cve
CNNVD ID
CNNVD-202508-065
Related CVE
- CNNVD Published: 2025-08-01
Description (Chinese)
Asterisk是Asterisk开源的一款PBX系统的软件,运行在Linux系统上,支持使用SIP、IAX、H323协议进行IP通话。 Asterisk存在代码问题漏洞,该漏洞源于asterisk/res/res_stir_shaken/verification.c存在远程拒绝服务和可能远程代码执行。
Description (English)
Asterisk is a software for the Asterisk open source of the PBX system, which operates on the Linux system and supports IP calls using the SIP, IAX, H323 protocols. Asterisk has a code gap, which stems from the presence of remote rejection services and possible remote code implementation.
Hazard Level
High
Vulnerability Type
代码问题
Affected Vendor
Asterisk
Published
2025-08-01
Last Modified
2026-02-24
References
https://github.com/asterisk/asterisk/security/advisories/GHSA-mrq5-74j5-f5cr
Patch
https://www.asterisk.org/downloads/
Share on: