Vigil@nce - Asterisk Open Source: directory traversal via GetConfig AMI Actio, analyzed on 02/12/2022
February 2023 by Vigil@nce
An attacker can traverse directories of Asterisk Open Source, via GetConfig AMI Actio, in order to read a file outside the service root path.
Plus d'information sur : https://vigilance.fr/vulnerability/Asterisk-Open-Source-directory-traversal-via-GetConfig-AMI-Actio-40002