Tag : AMI

Home » Posts tagged AMI"

I have seen the following scenario that may lead to a corrupted and possibly invalid configuration file after using UpdateConfig through AMI, at least with Asterisk 11.25:There is a configuration file a.conf that contains several sections and also conta..

Read more


While doing a security audit on a system I maintain, I stumbled upon an unvalidated use of a variable to compose an Originate request to the local Asterisk instance via AMI. Taking as an example an earlier exploit for FreePBX, I realized that this, combi..

Read more