Vulnerability Database

311,378

Total vulnerabilities in the database

CVE-2024-53566

An issue in the action_listcategories() function of Sangoma Asterisk v22/22.0.0/22.0.0-rc1/22.0.0-rc2/22.0.0-pre1 allows attackers to execute a path traversal.

Published: Dec 2, 2024
Updated: Nov 16, 2025
CVE: CVE-2024-53566
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWEs:

CWE-22

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
sangoma / asterisk	22.0.0	22.0.0.x
sangoma / asterisk	22.0.0-pre1	22.0.0-pre1.x
sangoma / asterisk	22.0.0-rc1	22.0.0-rc1.x
sangoma / asterisk	22.0.0-rc2	22.0.0-rc2.x
debian / debian_linux	11.0	11.0.x

https://gist.github.com/hyp164D1/e7c0f44ffb38c00320aa1a6d98bee616
https://github.com/asterisk/asterisk/blob/22/main/manager.c#L2556
https://lists.debian.org/debian-lts-announce/2025/02/msg00003.html

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo