CVE-2024-53566

CVE Database · CVE-2024-53566

CVE-2024-53566

· MEDIUMAnalyzed

CVSS v3.1

5.5

EPSS

0.29%

Published

Dec 2, 2024

Modified

Aug 25, 2025

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

An issue in the action_listcategories() function of Sangoma Asterisk v22/22.0.0/22.0.0-rc1/22.0.0-rc2/22.0.0-pre1 allows attackers to execute a path traversal.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Weaknesses (CWE)

CWE-22

Affected Products (5)

sangoma · asteriskvulnerable

debian · debian_linuxvulnerable

References (3)

https://gist.github.com/hyp164D1/e7c0f44ffb38c00320aa1a6d98bee616

Third Party Advisory

https://github.com/asterisk/asterisk/blob/22/main/manager.c#L2556

Product

https://lists.debian.org/debian-lts-announce/2025/02/msg00003.html

Mailing ListThird Party Advisory

KEV Catalog EPSS Scores Vendors All CVEs