Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kamailio kamailio vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2016-2385
Heap-based buffer overflow in the encode_msg function in encode_msg.c in the SEAS module in Kamailio (formerly OpenSER and SER) prior to 4.3.5 allows remote malicious users to cause a denial of service (memory corruption and process crash) or possibly execute arbitrary code via a...
Debian Debian Linux 8.0
Kamailio Kamailio
1 EDB exploit
668
VMScore
CVE-2018-16657
In Kamailio prior to 5.0.7 and 5.1.x prior to 5.1.4, a crafted SIP message with an invalid Via header causes a segmentation fault and crashes Kamailio. The reason is missing input validation in the crcitt_string_array core function for calculating a CRC hash for To tags. (An addi...
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Kamailio Kamailio
668
VMScore
CVE-2018-14767
In Kamailio prior to 5.0.7 and 5.1.x prior to 5.1.4, a crafted SIP message with a double "To" header and an empty "To" tag causes a segmentation fault and crash. The reason is missing input validation in the "build_res_buf_from_sip_req" core function...
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Kamailio Kamailio
668
VMScore
CVE-2018-8828
A Buffer Overflow issue exists in Kamailio prior to 4.4.7, 5.0.x prior to 5.0.6, and 5.1.x prior to 5.1.2. A specially crafted REGISTER message with a malformed branch or From tag triggers an off-by-one heap-based buffer overflow in the tmx_check_pretran function in modules/tmx/t...
Kamailio Kamailio
Debian Debian Linux 9.0
Debian Debian Linux 8.0
668
VMScore
CVE-2013-7426
Insecure Temporary file vulnerability in /tmp/kamailio_fifo in kamailio 4.0.1.
Kamailio Kamailio 4.0.1-1
490
VMScore
CVE-2020-28361
Kamailio prior to 5.4.0, as used in Sip Express Router (SER) in Sippy Softswitch 4.5 up to and including 5.2 and other products, allows a bypass of a header-removal protection mechanism via whitespace characters. This occurs in the remove_hf function in the Kamailio textops modul...
Kamailio Kamailio
409
VMScore
CVE-2015-1590
The kamcmd administrative utility and default configuration in kamailio prior to 4.3.0 use /tmp/kamailio_ctl.
Kamailio Kamailio
409
VMScore
CVE-2015-1591
The kamailio build in kamailio prior to 4.2.0-2 process allows local users to gain privileges.
Kamailio Kamailio
NA
CVE-2020-27507
The Kamailio SIP prior to 5.5.0 server mishandles INVITE requests with duplicated fields and overlength tag, leading to a buffer overflow that crashes the server or possibly have unspecified other impact.
Kamailio Kamailio
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started