Asterisk Project Security Advisory - A remote authenticated Asterisk Manager Interface (AMI) user without system authorization could use a specially crafted Originate AMI request to execute arbitrary system commands.
fda4a6a55d938370b2cff51231d5b5cedb7a698db9552d692348f87f6dd26560