SQL Injection Vulnerability in Asterisk-Addons by Digium
CVE-2007-5488

Currently unrated

Key Information:

Vendor

Asterisk

Status
Asterisk-addons
Vendor
CVE Published:
17 October 2007

What is CVE-2007-5488?

A vulnerability exists in the cdr_addon_mysql component of Asterisk-Addons that allows remote attackers to execute arbitrary SQL commands. This exploitation occurs when inserting records, specifically through manipulation of the source and destination numbers, as well as potentially the SIP URI. If attackers succeed, they can gain unauthorized access to sensitive information or manipulate the database.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://osvdb.org/37880
vdb-entryx_refsource_OSVDB
https://exchange.xforce.ibmcloud.com/vulnerabilities/37235
vdb-entryx_refsource_XF
http://www.securitytracker.com/id?1018824
vdb-entryx_refsource_SECTRACK

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.