CVE-2007-6170

NONE

SQL injection vulnerability in the Call Detail Record Postgres logging engine (cdr_pgsql) in Asterisk 1.4.x before 1.4.15, 1.2.x before 1.2.25, B.x before B.2.3.4, and C.x before C.1.0-beta6 allows re

Publicado: 11/30/2007Actualizado: 4/9/2025
Ver en NVDVer en MITRE

Descripción

SQL injection vulnerability in the Call Detail Record Postgres logging engine (cdr_pgsql) in Asterisk 1.4.x before 1.4.15, 1.2.x before 1.2.25, B.x before B.2.3.4, and C.x before C.1.0-beta6 allows remote authenticated users to execute arbitrary SQL commands via (1) ANI and (2) DNIS arguments.

Análisis IAImpulsado por IA

Productos Afectados

digiumasterisk
digiumasterisk
digiumasterisk
digiumasterisk
c.1.0
digiumasterisk
c.1.0
digiumasterisk
c.1.0
digiumasterisk
c.1.0
digiumasterisk
c.1.0
debiandebian_linux
3.1
debiandebian_linux
4.0

Referencias