PatchSiren

Aster Telecom CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM Aster Telecom CVE published 2026-07-12

CVE-2026-15482

A SQL injection vulnerability has been identified in Aster Telecom Azcall 10/11, affecting some unknown processing of the file /azcall/adm/gestao_loja/sis.php?t=consultar of the HTTP Handler. Executing a manipulation of the argument nome/perfil/status can lead to SQL injection. The attack may be performed remotely. This issue has been made public and could be used for attacks. However, the vendor did not [truncated]