Exploitation Summary
EIP tracks 1 public exploit for CVE-2006-2020. PoCs published by Francois Harvey.
AI-analyzed exploit summary The provided text describes an information disclosure vulnerability in Asterisk Recording Interface due to improper input sanitization. It allows attackers to retrieve arbitrary audio files or check for the existence of files on the system.
Description
Asterisk Recording Interface (ARI) in Asterisk@Home before 2.8 stores recordings/includes/main.conf under the web document root with insufficient access control, which allows remote attackers to obtain password information.
Exploits (1)
The provided text describes an information disclosure vulnerability in Asterisk Recording Interface due to improper input sanitization. It allows attackers to retrieve arbitrary audio files or check for the existence of files on the system.