VYPR
Unrated severityNVD Advisory· Published Dec 5, 2022· Updated Apr 24, 2025

CVE-2022-42706

CVE-2022-42706

Description

An issue was discovered in Sangoma Asterisk through 16.28, 17 and 18 through 18.14, 19 through 19.6, and certified through 18.9-cert1. GetConfig, via Asterisk Manager Interface, allows a connected application to access files outside of the asterisk configuration directory, aka Directory Traversal.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Freepbx/Asteriskcpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: through 16.28, 17 and 18 through 18.14, 19 through 19.6, and certified through 18.9-cert1

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.