CVE-2026-23738

Name
CVE-2026-23738
Description
Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, user supplied/control values for Cookies and any GET variable query Parameter are directly interpolated into the HTML of the page using ast_str_append. The endpoint at GET /httpstatus is the potential vulnerable endpoint relating to asterisk/main /http.c. This issue has been patched in versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2.
NVD Severity
unknown
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
security-advisories@github.com https://github.com/asterisk/asterisk/security/advisories/GHSA-v6hp-wh3r-cwxh

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:* asterisk >= None <= 20.18.2
cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:* asterisk >= 21.0.0 <= 21.12.1
cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:* asterisk >= 22.0.0 <= 22.8.2
cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:* asterisk >= 23.0.0 < 23.2.2
cpe:2.3:a:sangoma:certified_asterisk:*:*:*:*:*:*:*:* certified_asterisk >= None <= 18.9
cpe:2.3:a:sangoma:certified_asterisk:20.7:cert1:*:*:*:*:*:* certified_asterisk == None == 20.7

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
asterisk edge-main 22.8.2-r0 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk edge-main 20.17.0-r0 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk edge-main 20.15.2-r1 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk edge-main 20.15.2-r0 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk edge-main 20.11.1-r6 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk edge-main 20.11.1-r5 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk edge-main 20.11.1-r4 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk edge-main 20.11.1-r3 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk edge-main 20.11.1-r1 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk edge-main 20.11.1-r0 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk edge-main 20.11.0-r1 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk edge-main 20.11.0-r0 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk edge-main 20.9.3-r0 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk edge-main 20.9.2-r0 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk edge-main 20.8.1-r0 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk edge-main 20.5.1-r0 None possibly vulnerable
asterisk edge-main 18.15.1-r0 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk edge-main 18.15.0-r3 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk edge-main 18.15.0-r2 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk edge-main 18.15.0-r0 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk edge-main 18.13.0-r1 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk edge-main 18.13.0-r0 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk edge-main 18.11.2-r0 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk edge-main 18.2.2-r5 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk edge-main 18.2.2-r4 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk edge-main 18.2.2-r3 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk edge-main 18.2.2-r2 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk edge-main 18.2.2-r0 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk edge-main 18.2.1-r0 None possibly vulnerable
asterisk edge-main 18.1.1-r0 None possibly vulnerable
asterisk edge-main 18.0.1-r0 None possibly vulnerable
asterisk edge-main 16.6.2-r0 None possibly vulnerable
asterisk edge-main 16.5.1-r0 None possibly vulnerable
asterisk edge-main 16.4.1-r0 None possibly vulnerable
asterisk edge-main 16.3.0-r0 None possibly vulnerable
asterisk edge-main 15.7.1-r0 None possibly vulnerable
asterisk 3.23-main 20.15.2-r1 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk 3.22-main 20.11.1-r6 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk 3.22-main 20.11.1-r5 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk 3.22-main 20.11.1-r0 None possibly vulnerable
asterisk 3.22-main 20.9.3-r0 None possibly vulnerable
asterisk 3.22-main 20.9.2-r0 None possibly vulnerable
asterisk 3.22-main 20.8.1-r0 None possibly vulnerable
asterisk 3.22-main 20.5.1-r0 None possibly vulnerable
asterisk 3.22-main 18.15.1-r0 None possibly vulnerable
asterisk 3.22-main 18.11.2-r0 None possibly vulnerable
asterisk 3.22-main 18.2.2-r2 None possibly vulnerable
asterisk 3.22-main 18.2.1-r0 None possibly vulnerable
asterisk 3.22-main 18.1.1-r0 None possibly vulnerable
asterisk 3.22-main 18.0.1-r0 None possibly vulnerable
asterisk 3.22-main 16.6.2-r0 None possibly vulnerable
asterisk 3.22-main 16.5.1-r0 None possibly vulnerable
asterisk 3.22-main 16.4.1-r0 None possibly vulnerable
asterisk 3.22-main 16.3.0-r0 None possibly vulnerable
asterisk 3.22-main 15.7.1-r0 None possibly vulnerable
asterisk 3.21-main 20.11.1-r0 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk 3.21-main 20.11.0-r0 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk 3.21-main 20.9.3-r0 None possibly vulnerable
asterisk 3.21-main 20.9.2-r0 None possibly vulnerable
asterisk 3.21-main 20.8.1-r0 None possibly vulnerable
asterisk 3.21-main 20.5.1-r0 None possibly vulnerable
asterisk 3.21-main 18.15.1-r0 None possibly vulnerable
asterisk 3.21-main 18.11.2-r0 None possibly vulnerable
asterisk 3.21-main 18.2.2-r2 None possibly vulnerable
asterisk 3.21-main 18.2.1-r0 None possibly vulnerable
asterisk 3.21-main 18.1.1-r0 None possibly vulnerable
asterisk 3.21-main 18.0.1-r0 None possibly vulnerable
asterisk 3.21-main 16.6.2-r0 None possibly vulnerable
asterisk 3.21-main 16.5.1-r0 None possibly vulnerable
asterisk 3.21-main 16.4.1-r0 None possibly vulnerable
asterisk 3.21-main 16.3.0-r0 None possibly vulnerable
asterisk 3.21-main 15.7.1-r0 None possibly vulnerable
asterisk 3.20-main 20.9.3-r1 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk 3.20-main 20.9.3-r0 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk 3.20-main 20.9.2-r0 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk 3.20-main 20.8.1-r0 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk 3.20-main 20.5.1-r0 None possibly vulnerable
asterisk 3.20-main 18.15.1-r0 None possibly vulnerable
asterisk 3.20-main 18.11.2-r0 None possibly vulnerable
asterisk 3.20-main 18.2.2-r2 None possibly vulnerable
asterisk 3.20-main 18.2.1-r0 None possibly vulnerable
asterisk 3.20-main 18.1.1-r0 None possibly vulnerable
asterisk 3.20-main 18.0.1-r0 None possibly vulnerable
asterisk 3.20-main 16.6.2-r0 None possibly vulnerable
asterisk 3.20-main 16.5.1-r0 None possibly vulnerable
asterisk 3.20-main 16.4.1-r0 None possibly vulnerable
asterisk 3.20-main 16.3.0-r0 None possibly vulnerable
asterisk 3.20-main 15.7.1-r0 None possibly vulnerable
asterisk 3.19-main 20.9.3-r1 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk 3.19-main 20.9.3-r0 Timo Teras <timo.teras@iki.fi> possibly vulnerable
asterisk 3.19-main 20.5.1-r0 None possibly vulnerable
asterisk 3.19-main 18.15.1-r0 None possibly vulnerable
asterisk 3.19-main 18.11.2-r0 None possibly vulnerable
asterisk 3.19-main 18.2.2-r2 None possibly vulnerable
asterisk 3.19-main 18.2.1-r0 None possibly vulnerable
asterisk 3.19-main 18.1.1-r0 None possibly vulnerable
asterisk 3.19-main 18.0.1-r0 None possibly vulnerable
asterisk 3.19-main 16.6.2-r0 None possibly vulnerable
asterisk 3.19-main 16.5.1-r0 None possibly vulnerable
asterisk 3.19-main 16.4.1-r0 None possibly vulnerable
asterisk 3.19-main 16.3.0-r0 None possibly vulnerable
asterisk 3.19-main 15.7.1-r0 None possibly vulnerable