This page aggregates publicly disclosed CVE and security risk information related to asteriskathome, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2006-2021 | Absolute path traversal vulnerability in recordings/misc/audio.php in the Asterisk Recording Interface (ARI) web interface in Asterisk@Home before 2.8 allows remote attackers to read arbitrary MP3, WAV, and GSM files via a full pathname in the recording parameter. NOTE: this issue can also be used to determine existence of files. | [email protected] | 5.0 | 0.71% | 2006-04-25 | 2026-04-16 |
| CVE-2006-2020 | Asterisk Recording Interface (ARI) in Asterisk@Home before 2.8 stores recordings/includes/main.conf under the web document root with insufficient access control, which allows remote attackers to obtain password information. | [email protected] | 7.8 | 10.87% | 2006-04-25 | 2026-04-16 |