Asterisk Project Security Advisory - A common usage of the ${EXTEN} channel variable in a dialplan with wildcard pattern matches can lead to a possible string injection vulnerability. By having a wildcard match in a dialplan, it is possible to allow unintended calls to be executed.
6df03db49a5dc8aa44b7bba96539f3b628e043d7efe241ee610ebdeb0bc96e1b