Vulnerability Database

323,025

Total vulnerabilities in the database

CVE-2026-23740

Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, when ast_coredumper writes its gdb init and output files to a directory that is world-writable (for example /tmp), an attacker with write permission(which is all users on a linux system) to that directory can cause root to execute arbitrary commands or overwrite arbitrary files by controlling the gdb init file and output paths. This issue has been patched in versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2.

  • Published: Feb 6, 2026
  • Updated: Feb 7, 2026
  • CVE: CVE-2026-23740
  • Severity: Info
  • Exploit:

CVSS v3:

  • Severity: Unknown
  • Score: 0
  • AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:N

CWEs:

Software From Fixed in
sangoma / certified_asterisk 13.13.0 13.13.0.x
sangoma / certified_asterisk 13.13.0-cert1 13.13.0-cert1.x
sangoma / certified_asterisk 13.13.0-cert1-rc1 13.13.0-cert1-rc1.x
sangoma / certified_asterisk 13.13.0-cert1-rc2 13.13.0-cert1-rc2.x
sangoma / certified_asterisk 13.13.0-cert1-rc3 13.13.0-cert1-rc3.x
sangoma / certified_asterisk 13.13.0-cert1-rc4 13.13.0-cert1-rc4.x
sangoma / certified_asterisk 13.13.0-cert2 13.13.0-cert2.x
sangoma / certified_asterisk 13.13.0-cert3 13.13.0-cert3.x
sangoma / certified_asterisk 13.13.0-rc1 13.13.0-rc1.x
sangoma / certified_asterisk 13.13.0-rc2 13.13.0-rc2.x
sangoma / certified_asterisk 16.8-cert1-rc1 16.8-cert1-rc1.x
sangoma / certified_asterisk 16.8-cert1-rc2 16.8-cert1-rc2.x
sangoma / certified_asterisk 16.8-cert1-rc3 16.8-cert1-rc3.x
sangoma / certified_asterisk 16.8-cert1-rc4 16.8-cert1-rc4.x
sangoma / certified_asterisk 16.8-cert1-rc5 16.8-cert1-rc5.x
sangoma / certified_asterisk 16.8-cert10 16.8-cert10.x
sangoma / certified_asterisk 16.8-cert11 16.8-cert11.x
sangoma / certified_asterisk 16.8-cert12 16.8-cert12.x
sangoma / certified_asterisk 16.8-cert13 16.8-cert13.x
sangoma / certified_asterisk 16.8-cert14 16.8-cert14.x
sangoma / certified_asterisk 16.8-cert4-rc1 16.8-cert4-rc1.x
sangoma / certified_asterisk 16.8-cert4-rc2 16.8-cert4-rc2.x
sangoma / certified_asterisk 16.8-cert4-rc3 16.8-cert4-rc3.x
sangoma / certified_asterisk 16.8-cert4-rc4 16.8-cert4-rc4.x
sangoma / certified_asterisk 16.8.0 16.8.0.x
sangoma / certified_asterisk 16.8.0-cert1 16.8.0-cert1.x
sangoma / certified_asterisk 16.8.0-cert10 16.8.0-cert10.x
sangoma / certified_asterisk 16.8.0-cert11 16.8.0-cert11.x
sangoma / certified_asterisk 16.8.0-cert12 16.8.0-cert12.x
sangoma / certified_asterisk 16.8.0-cert2 16.8.0-cert2.x
sangoma / certified_asterisk 16.8.0-cert3 16.8.0-cert3.x
sangoma / certified_asterisk 16.8.0-cert4 16.8.0-cert4.x
sangoma / certified_asterisk 16.8.0-cert5 16.8.0-cert5.x
sangoma / certified_asterisk 16.8.0-cert6 16.8.0-cert6.x
sangoma / certified_asterisk 16.8.0-cert7 16.8.0-cert7.x
sangoma / certified_asterisk 16.8.0-cert8 16.8.0-cert8.x
sangoma / certified_asterisk 16.8.0-cert9 16.8.0-cert9.x
sangoma / certified_asterisk 18.9 18.9.x
sangoma / certified_asterisk 18.9-cert1 18.9-cert1.x
sangoma / certified_asterisk 18.9-cert1-rc1 18.9-cert1-rc1.x
sangoma / certified_asterisk 18.9-cert10 18.9-cert10.x
sangoma / certified_asterisk 18.9-cert11 18.9-cert11.x
sangoma / certified_asterisk 18.9-cert12 18.9-cert12.x
sangoma / certified_asterisk 18.9-cert13 18.9-cert13.x
sangoma / certified_asterisk 18.9-cert14 18.9-cert14.x
sangoma / certified_asterisk 18.9-cert15 18.9-cert15.x
sangoma / certified_asterisk 18.9-cert16 18.9-cert16.x
sangoma / certified_asterisk 18.9-cert2 18.9-cert2.x
sangoma / certified_asterisk 18.9-cert3 18.9-cert3.x
sangoma / certified_asterisk 18.9-cert4 18.9-cert4.x
sangoma / certified_asterisk 18.9-cert5 18.9-cert5.x
sangoma / certified_asterisk 18.9-cert6 18.9-cert6.x
sangoma / certified_asterisk 18.9-cert7 18.9-cert7.x
sangoma / certified_asterisk 18.9-cert8 18.9-cert8.x
sangoma / certified_asterisk 18.9-cert8-rc1 18.9-cert8-rc1.x
sangoma / certified_asterisk 18.9-cert8-rc2 18.9-cert8-rc2.x
sangoma / certified_asterisk 18.9-cert9 18.9-cert9.x
sangoma / certified_asterisk 20.7-cert1 20.7-cert1.x
sangoma / certified_asterisk 20.7-cert1-rc1 20.7-cert1-rc1.x
sangoma / certified_asterisk 20.7-cert1-rc2 20.7-cert1-rc2.x
sangoma / certified_asterisk 20.7-cert2 20.7-cert2.x
sangoma / certified_asterisk 20.7-cert3 20.7-cert3.x
sangoma / certified_asterisk 20.7-cert4 20.7-cert4.x
sangoma / certified_asterisk 20.7-cert5 20.7-cert5.x
sangoma / certified_asterisk 20.7-cert6 20.7-cert6.x
sangoma / certified_asterisk 20.7-cert7 20.7-cert7.x
sangoma / asterisk - 20.18.2
sangoma / asterisk 21.0.0 21.12.1
sangoma / asterisk 22.0.0 22.8.2
sangoma / asterisk 23.0.0 23.2.2