CVE Tools
Sign in

CVE-2024-42365

Asterisk allows `Write=originate` as sufficient permissions for code execution / `System()` dialplan

Published: Aug 8, 2024Updated: Nov 3, 2025 Sources: CVE List NVD BDUCWE-267
7.4HIGH
NVD MITRE
EPSS Score
4.7%
Top 9.4%
CISA KEV
Not in KEV
Exploits
1 Known
Remediation
Patch Available

Description

Asterisk is an open source private branch exchange (PBX) and telephony toolkit. Prior to asterisk versions 18.24.2, 20.9.2, and 21.4.2 and certified-asterisk versions 18.9-cert11 and 20.7-cert2, an AMI user with `write=originate` may change all configuration files in the `/etc/asterisk/` directory. This occurs because they are able to curl remote files and write them to disk, but are also able to append to existing files using the `FILE` function inside the `SET` application. This issue may result in privilege escalation, remote code execution and/or blind server-side request forgery with arbitrary protocol. Asterisk versions 18.24.2, 20.9.2, and 21.4.2 and certified-asterisk versions 18.9-cert11 and 20.7-cert2 contain a fix for this issue.

No summary for this CVE yet.

CVSS Vector Breakdown

AV:NAC:LPR:LUI:NS:CC:LI:LA:L
Exploitability
AV:NAttack Vector
Network
AC:LAttack Complexity
Low
PR:LPrivileges Required
Low
UI:NUser Interaction
None
Scope
S:CScope
Changed
Impact
C:LConfidentiality
Low
I:LIntegrity
Low
A:LAvailability
Low
Open in CVSS calculator →

Weaknesses

CWE-267CWE-1220NVD-CWE-Other

Affected Products

asteriskasterisk
On-premWeb App
Communications / voip-telephony
certified asteriskasterisk
On-premWeb App
Communications / voip-telephony
Debian GNU/LinuxСообщество свободного программного обеспечения
On-premOS
Operating Systems / linux-distro
РЕД ОСООО «Ред Софт»
On-premOS
Operating Systems / linux-distro
AsteriskDigium, Inc.Communications
asteriskoss-projectCommunicationsaka open source, asterisk appliance developer kit
сообщество свободного программного обеспеченияoss-projectOperating Systemsaka сообщество свободного программного обеспечения, fsf
ооо «ред софт»commercialRUOperating Systemsaka red soft
digium, inc.commercialUSCommunicationsaka digium, digium inc.

Exploitability

1 exploit source identified

Exploit details including PoC links, Metasploit modules, and scanner templates are available after registration.

View exploit details
Official Patch Available
No detection template yetWe can run the check for you — a free external exposure review, no install. Check my exposure

References

https://github.com/asterisk/asterisk/blob/14367caaf7241df1eceea7c45c5b261989c2c6db/main/manager.c#L6426
github.com
https://github.com/asterisk/asterisk/blob/7d28165cb1b2d02d66e8693bd3fe23ee72fc55d8/main/manager.c#L6426
github.com
https://github.com/asterisk/asterisk/commit/42a2f4ccfa2c7062a15063e765916b3332e34cc4
github.com
and 14 more references View all →

Timeline

Published
Aug 8, 2024
Last Updated
Nov 3, 2025

Unlock Complete Vulnerability Intelligence

Get the full picture for CVE-2024-42365 and every CVE in our database. Create a free account — no credit card required.

Create Free Account
Plain-language analysis
Impact assessment and exploitation scenario in plain English
Attack graph visualization
Interactive attack path and kill chain mapping
Exploit details & PoC links
ExploitDB, Metasploit, GitHub PoCs with direct links
Nuclei scanner templates
Ready-to-use vulnerability scanner templates
Full remediation guide
Patch instructions, workarounds, and compliance impact
Interactive AI chat
Ask questions about this vulnerability in natural language
Related vulnerabilities
Semantically similar CVEs and attack patterns
REST API & MCP access
Integrate vulnerability data into your workflows