Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-986n-21m7-fuc8
Vulnerability ID VCID-986n-21m7-fuc8
Aliases CVE-2010-1224
Summary main/acl.c in Asterisk Open Source 1.6.0.x before 1.6.0.25, 1.6.1.x before 1.6.1.17, and 1.6.2.x before 1.6.2.5 does not properly enforce remote host access controls when CIDR notation "/0" is used in permit= and deny= configuration rules, which causes an improper arithmetic shift and might allow remote attackers to bypass ACL rules and access services from unauthorized hosts.
Status Published
Exploitability 0.5
Weighted Severity 0.0
Risk None
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.01 https://api.first.org/data/v1/epss?cve=CVE-2010-1224
epss 0.01 https://api.first.org/data/v1/epss?cve=CVE-2010-1224
epss 0.01 https://api.first.org/data/v1/epss?cve=CVE-2010-1224
epss 0.01 https://api.first.org/data/v1/epss?cve=CVE-2010-1224
epss 0.01 https://api.first.org/data/v1/epss?cve=CVE-2010-1224
epss 0.01 https://api.first.org/data/v1/epss?cve=CVE-2010-1224
epss 0.01 https://api.first.org/data/v1/epss?cve=CVE-2010-1224
epss 0.01 https://api.first.org/data/v1/epss?cve=CVE-2010-1224
epss 0.01 https://api.first.org/data/v1/epss?cve=CVE-2010-1224
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2010-1224
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1224
576560 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576560
No exploits are available.
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.76925
EPSS Score 0.01
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T16:30:41.825864+00:00 Debian Oval Importer Import https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.0.0