Vulnerability Details CVE-2021-26713

A stack-based buffer overflow in res_rtp_asterisk.c in Sangoma Asterisk before 16.16.1, 17.x before 17.9.2, and 18.x before 18.2.1 and Certified Asterisk before 16.8-cert6 allows an authenticated WebRTC client to cause an Asterisk crash by sending multiple hold/unhold requests in quick succession. This is caused by a signedness comparison mismatch.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 32.6%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
Products affected by CVE-2021-26713
  • Digium » Asterisk » Version: 16.0.0
    cpe:2.3:a:digium:asterisk:16.0.0
  • Digium » Asterisk » Version: 16.0.1
    cpe:2.3:a:digium:asterisk:16.0.1
  • Digium » Asterisk » Version: 16.1.0
    cpe:2.3:a:digium:asterisk:16.1.0
  • Digium » Asterisk » Version: 16.15.0
    cpe:2.3:a:digium:asterisk:16.15.0
  • Digium » Asterisk » Version: 16.15.1
    cpe:2.3:a:digium:asterisk:16.15.1
  • Digium » Asterisk » Version: 16.2.0
    cpe:2.3:a:digium:asterisk:16.2.0
  • Digium » Asterisk » Version: 16.2.1
    cpe:2.3:a:digium:asterisk:16.2.1
  • Digium » Asterisk » Version: 16.3.0
    cpe:2.3:a:digium:asterisk:16.3.0
  • Digium » Asterisk » Version: 16.4.0
    cpe:2.3:a:digium:asterisk:16.4.0
  • Digium » Asterisk » Version: 16.4.1
    cpe:2.3:a:digium:asterisk:16.4.1
  • Digium » Asterisk » Version: 16.5.0
    cpe:2.3:a:digium:asterisk:16.5.0
  • Digium » Asterisk » Version: 16.5.1
    cpe:2.3:a:digium:asterisk:16.5.1
  • Digium » Asterisk » Version: 16.6.0
    cpe:2.3:a:digium:asterisk:16.6.0
  • Digium » Asterisk » Version: 16.6.1
    cpe:2.3:a:digium:asterisk:16.6.1
  • Digium » Asterisk » Version: 16.6.2
    cpe:2.3:a:digium:asterisk:16.6.2
  • Digium » Asterisk » Version: 17.0.0
    cpe:2.3:a:digium:asterisk:17.0.0
  • Digium » Asterisk » Version: 17.0.1
    cpe:2.3:a:digium:asterisk:17.0.1
  • Digium » Asterisk » Version: 17.1.0
    cpe:2.3:a:digium:asterisk:17.1.0
  • Digium » Asterisk » Version: 17.2.0
    cpe:2.3:a:digium:asterisk:17.2.0
  • Digium » Asterisk » Version: 17.3.0
    cpe:2.3:a:digium:asterisk:17.3.0
  • Digium » Asterisk » Version: 17.4.0
    cpe:2.3:a:digium:asterisk:17.4.0
  • Digium » Asterisk » Version: 17.5.0
    cpe:2.3:a:digium:asterisk:17.5.0
  • Digium » Asterisk » Version: 17.5.1
    cpe:2.3:a:digium:asterisk:17.5.1
  • Digium » Asterisk » Version: 17.6.0
    cpe:2.3:a:digium:asterisk:17.6.0
  • Digium » Asterisk » Version: 17.7.0
    cpe:2.3:a:digium:asterisk:17.7.0
  • Digium » Asterisk » Version: 17.7.7
    cpe:2.3:a:digium:asterisk:17.7.7
  • Digium » Asterisk » Version: 17.8.0
    cpe:2.3:a:digium:asterisk:17.8.0
  • Digium » Asterisk » Version: 17.8.1
    cpe:2.3:a:digium:asterisk:17.8.1
  • Digium » Asterisk » Version: 17.9.0
    cpe:2.3:a:digium:asterisk:17.9.0
  • Digium » Asterisk » Version: 17.9.1
    cpe:2.3:a:digium:asterisk:17.9.1
  • Digium » Asterisk » Version: 18.0.0
    cpe:2.3:a:digium:asterisk:18.0.0
  • Digium » Asterisk » Version: 18.0.1
    cpe:2.3:a:digium:asterisk:18.0.1
  • Digium » Asterisk » Version: 18.1.0
    cpe:2.3:a:digium:asterisk:18.1.0
  • Digium » Asterisk » Version: 18.1.1
    cpe:2.3:a:digium:asterisk:18.1.1
  • Digium » Asterisk » Version: 18.2.0
    cpe:2.3:a:digium:asterisk:18.2.0
  • Digium » Certified Asterisk » Version: 16.8
    cpe:2.3:a:digium:certified_asterisk:16.8

