PT-2022-23880 · Unknown · Zlmediakit
50U1W4Y
·
Published
2022-08-30
·
Updated
2023-09-14
·
CVE-2022-37237
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
ZLMediaKit versions below commit 7d8b212a3c3368bc2f6507cb74664fc419eb9327
Description
An attacker can send malicious RTMP requests to make the ZLMediaKit server crash remotely.
Recommendations
For versions below commit 7d8b212a3c3368bc2f6507cb74664fc419eb9327, update to a version above this commit to resolve the issue. As a temporary workaround, consider restricting access to RTMP requests until a patch is available.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Zlmediakit