CVE Details
Basic Information
| Title |
CVE-2025-47780 |
| Type |
cve |
| Published |
2025-05-22T17:15:24 |
| Last Seen |
2025-05-22T17:22:45 |
CVSS Information
| Base Score |
0.0 () |
| Attack Vector |
|
| Attack Complexity |
|
| Privileges Required |
|
| User Interaction |
|
| Scope |
|
| Confidentiality Impact |
|
| Integrity Impact |
|
| Availability Impact |
|
AI Analysis
| AI Description |
A vulnerability in Asterisk allows command injection due to ineffective shell command restrictions. This could enable attackers to execute arbitrary commands. |
| AI Severity |
Medium |
| Vendor |
Asterisk Community |
| Product |
Asterisk |
| Affected Version |
18.26.2, 20.14.1, 21.9.1, 22.4.1, 18.9-cert14, 20.7-cert5 |
Additional Information
| CVE List |
CVE-2025-47780 |
| CWE List |
CWE-78 |
| Bulletin Family |
cve |
Description
Asterisk is an open-source private branch exchange (PBX). Prior to versions 18.26.2, 20.14.1, 21.9.1, and 22.4.1 of Asterisk and versions 18.9-cert14 and 20.7-cert5 of certified-asterisk, trying to disallow shell commands to be run…
CVSS Score Summary
Base Score: %!f(string=#) ()
View Full CVE Details
