CVE-2022-26499

EPSS 0.66% · P71 Updated Feb 25, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-26499

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it's possible to send arbitrary requests (such as GET) to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Asterisk 代码问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Asterisk是一款PBX系统的软件，运行在Linux系统上，支持使用SIP、IAX、H323协议进行IP通话。 Asterisk 19.x 版本及之前版本 STIR/SHAKEN 存在安全漏洞，该漏洞源于可以使用 Identity 标头向 localhost 等接口发送任意请求（例如 GET）。该问题在 16.25.2、18.11.2 和 19.3.2 中已修复。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2022-26499

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2022-26499

请登录查看更多情报信息。

Same Patch Batch · n/a · 2022-04-15 · 67 CVEs total

CVE-2022-24279	7.5 HIGH	Prototype Pollution
CVE-2022-29287	4.9 MEDIUM	Kentico 安全漏洞
CVE-2022-27425		Chamilo LMS 跨站脚本漏洞
CVE-2021-44494		YottaDB 代码问题漏洞
CVE-2022-27423		Chamilo LMS SQL注入漏洞
CVE-2021-44508		FIS GT.M 代码问题漏洞
CVE-2021-44506		FIS GT.M 代码问题漏洞
CVE-2022-27257		Hubzilla 安全漏洞
CVE-2021-44505		FIS GT.M 代码问题漏洞
CVE-2021-44504		FIS GT.M 安全漏洞
CVE-2021-44503		FIS GT.M 缓冲区错误漏洞
CVE-2021-44502		FIS GT.M 安全漏洞
CVE-2021-44501		FIS GT.M 代码问题漏洞
CVE-2021-44500		FIS GT.M数字错误漏洞
CVE-2021-44499		FIS GT.M 缓冲区错误漏洞
CVE-2021-44498		FIS GT.M 代码问题漏洞
CVE-2021-44497		FIS GT.M 资源管理错误漏洞
CVE-2021-44496		YottaDB缓冲区错误漏洞
CVE-2021-44495		YottaDB 代码问题漏洞
CVE-2021-44493		YottaDB 安全漏洞

Showing top 20 of 67 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2022-26499

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2022-26499

I. Basic Information for CVE-2022-26499

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2022-26499

III. Intelligence Information for CVE-2022-26499

Same Patch Batch · n/a · 2022-04-15 · 67 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2022-26499

Leave a comment