Posted by Sandro Gauci via Fulldisclosure on Aug 02
Rtpengine: RTP Inject and RTP Bleed vulnerabilities despite proper configuration (CVSS v4.0 Score: 9.3 / Critical)
– CVSS v4.0
– Exploitability: High
– Complexity: Low
– Vulnerable system: Medium
– Subsequent system: Medium
– Exploitation: High
– Security requirements: High
– Vector: https://www.first.org/cvss/calculator/4-0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:H/SI:H/SA:H
– Other references:…
– Read More – Full Disclosure
