Platform: other
Component: astpp
Fixed in: 4.0.2
CVE-2020-37153 describes a Remote Code Execution (RCE) vulnerability discovered in ASTPP version 4.0.1. This flaw allows attackers to inject system commands and potentially execute arbitrary code with root privileges, compromising the entire system. The vulnerability stems from command injection and cross-site scripting flaws within the SIP device configuration and plugin management interfaces. A fix is available, and immediate action is recommended.
The impact of CVE-2020-37153 is severe. Successful exploitation allows an attacker to gain root access to the ASTPP server, effectively granting them complete control over the system. This can lead to data breaches, system disruption, and the installation of malicious software. The ability to manipulate cron tasks further amplifies the risk, enabling persistent access and automated malicious activities. The combination of command injection and cross-site scripting provides multiple attack vectors, increasing the likelihood of exploitation. Compromise of the ASTPP server could also lead to lateral movement within the network, impacting other connected systems.
CVE-2020-37153 was published on 2026-02-11. The vulnerability's severity is CRITICAL (CVSS 9.8). Public proof-of-concept exploits are likely to emerge given the ease of command injection. The potential for root access makes this a high-priority vulnerability for remediation. No KEV listing or confirmed exploitation reports are currently available.
Organizations utilizing ASTPP 4.0.1 for SIP device management are at significant risk. This includes VoIP providers, contact centers, and businesses relying on ASTPP for telephony infrastructure. Systems with exposed ASTPP interfaces and inadequate access controls are particularly vulnerable.
• linux / server:
journalctl -u astpp | grep -i "command injection"
• generic web:
curl -I <ASTPP_URL>/sip_config.php | grep -i "X-Content-Type-Options"
• linux / server:
lsof -i :5060 | grep astpp
EPSS: 0.15% (35th percentile)
The primary mitigation for CVE-2020-37153 is to upgrade ASTPP to a patched version as soon as possible. If an immediate upgrade is not feasible due to compatibility concerns or system downtime requirements, consider implementing temporary workarounds. Restrict access to the SIP device configuration and plugin management interfaces to trusted users only. Implement strict input validation on all user-supplied data to prevent command injection. Monitor system logs for suspicious activity, particularly related to cron tasks and SIP device configuration changes. Consider deploying a Web Application Firewall (WAF) with rules to detect and block malicious requests targeting these interfaces.
Update ASTPP to a version later than 4.0.1 that fixes the cross-site scripting (XSS) and command injection vulnerabilities. For more information on the latest version and the update instructions, see the official ASTPP website.
CVE-2020-37153 is a critical Remote Code Execution vulnerability in ASTPP version 4.0.1, allowing attackers to execute arbitrary code with root privileges through SIP device configuration and plugin management interfaces.
If you are running ASTPP version 4.0.1, you are affected by this vulnerability. Upgrade to a patched version as soon as possible.
The recommended fix is to upgrade ASTPP to a patched version. If immediate upgrade is not possible, restrict access and implement input validation as temporary mitigations.
While no confirmed exploitation reports are currently available, the vulnerability's severity and ease of exploitation suggest active exploitation is possible.
Refer to the ASTPP project website or security mailing lists for the official advisory and patch information.