Arbitrary Shell Command Execution via MixMonitor Action in Asterisk Open Source and Certified Asterisk
CVE-2014-4046 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:P/A:P
Asterisk Open Source 11.x before 11.10.1 and 12.x before 12.3.1 and Certified Asterisk 11.6 before 11.6-cert3 allows remote authenticated Manager users to execute arbitrary shell commands via a MixMonitor action.
Learn more about our Open Source Audit.