CVE-2026-23741

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2026-23741
Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, the asterisk/contrib/scripts/ast_coredumper runs as root, as noted by the NOTES tag on line 689 of the ast_coredumper file. The script will source the contents of /etc/asterisk/ast_debug_tools.conf, which resides in a folder that is writeable by the asterisk user:group. Due to the /etc/asterisk/ast_debug_tools.conf file following bash semantics and it being loaded; an attacker with write permissions may add or modify the file such that when the root ast_coredumper is run; it would source and thereby execute arbitrary bash code found in the /etc/asterisk/ast_debug_tools.conf. This issue has been patched in versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2.
CVSS

No CVSS.

References
Link Resource
https://github.com/asterisk/asterisk/security/advisories/GHSA-rvch-3jmx-3jf3 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*
cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*
cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*
cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*
cpe:2.3:a:sangoma:certified_asterisk:*:*:*:*:*:*:*:*
cpe:2.3:a:sangoma:certified_asterisk:20.7:cert1:*:*:*:*:*:*
cpe:2.3:a:sangoma:certified_asterisk:20.7:cert1-rc1:*:*:*:*:*:*
cpe:2.3:a:sangoma:certified_asterisk:20.7:cert1-rc2:*:*:*:*:*:*
cpe:2.3:a:sangoma:certified_asterisk:20.7:cert2:*:*:*:*:*:*
cpe:2.3:a:sangoma:certified_asterisk:20.7:cert3:*:*:*:*:*:*
cpe:2.3:a:sangoma:certified_asterisk:20.7:cert4:*:*:*:*:*:*
cpe:2.3:a:sangoma:certified_asterisk:20.7:cert5:*:*:*:*:*:*
cpe:2.3:a:sangoma:certified_asterisk:20.7:cert6:*:*:*:*:*:*
cpe:2.3:a:sangoma:certified_asterisk:20.7:cert7:*:*:*:*:*:*
cpe:2.3:a:sangoma:certified_asterisk:20.7:cert8:*:*:*:*:*:*
History

18 Feb 2026, 18:42

Type Values Removed Values Added
References () https://github.com/asterisk/asterisk/security/advisories/GHSA-rvch-3jmx-3jf3 - () https://github.com/asterisk/asterisk/security/advisories/GHSA-rvch-3jmx-3jf3 - Vendor Advisory
CPE cpe:2.3:a:sangoma:certified_asterisk:20.7:cert7:*:*:*:*:*:*
cpe:2.3:a:sangoma:certified_asterisk:20.7:cert3:*:*:*:*:*:*
cpe:2.3:a:sangoma:certified_asterisk:20.7:cert8:*:*:*:*:*:*
cpe:2.3:a:sangoma:certified_asterisk:20.7:cert1-rc2:*:*:*:*:*:*
cpe:2.3:a:sangoma:certified_asterisk:20.7:cert6:*:*:*:*:*:*
cpe:2.3:a:sangoma:certified_asterisk:*:*:*:*:*:*:*:*
cpe:2.3:a:sangoma:certified_asterisk:20.7:cert4:*:*:*:*:*:*
cpe:2.3:a:sangoma:certified_asterisk:20.7:cert5:*:*:*:*:*:*
cpe:2.3:a:sangoma:certified_asterisk:20.7:cert1:*:*:*:*:*:*
cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*
cpe:2.3:a:sangoma:certified_asterisk:20.7:cert2:*:*:*:*:*:*
cpe:2.3:a:sangoma:certified_asterisk:20.7:cert1-rc1:*:*:*:*:*:*
First Time Sangoma asterisk
Sangoma
Sangoma certified Asterisk

06 Feb 2026, 17:16

Type Values Removed Values Added
New CVE
Information

Published : 2026-02-06 17:16

Updated : 2026-02-18 18:42

NVD link : CVE-2026-23741

Mitre link : CVE-2026-23741

CVE.ORG link : CVE-2026-23741

JSON object : View

Products Affected

sangoma

  • asterisk
  • certified_asterisk
CWE
CWE-427

Uncontrolled Search Path Element