Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
kamailio kamailio vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2020-27507
The Kamailio SIP prior to 5.5.0 server mishandles INVITE requests with duplicated fields and overlength tag, leading to a buffer overflow that crashes the server or possibly have unspecified other impact.
Kamailio Kamailio
4.6
CVSSv2
CVE-2015-1590
The kamcmd administrative utility and default configuration in kamailio prior to 4.3.0 use /tmp/kamailio_ctl.
Kamailio Kamailio
4.6
CVSSv2
CVE-2015-1591
The kamailio build in kamailio prior to 4.2.0-2 process allows local users to gain privileges.
Kamailio Kamailio
5.5
CVSSv2
CVE-2020-28361
Kamailio prior to 5.4.0, as used in Sip Express Router (SER) in Sippy Softswitch 4.5 up to and including 5.2 and other products, allows a bypass of a header-removal protection mechanism via whitespace characters. This occurs in the remove_hf function in the Kamailio textops modul...
Kamailio Kamailio
7.5
CVSSv2
CVE-2013-7426
Insecure Temporary file vulnerability in /tmp/kamailio_fifo in kamailio 4.0.1.
Kamailio Kamailio 4.0.1-1
10
CVSSv2
CVE-2016-2385
Heap-based buffer overflow in the encode_msg function in encode_msg.c in the SEAS module in Kamailio (formerly OpenSER and SER) prior to 4.3.5 allows remote malicious users to cause a denial of service (memory corruption and process crash) or possibly execute arbitrary code via a...
Debian Debian Linux 8.0
Kamailio Kamailio
1 EDB exploit
7.5
CVSSv2
CVE-2018-16657
In Kamailio prior to 5.0.7 and 5.1.x prior to 5.1.4, a crafted SIP message with an invalid Via header causes a segmentation fault and crashes Kamailio. The reason is missing input validation in the crcitt_string_array core function for calculating a CRC hash for To tags. (An addi...
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Kamailio Kamailio
7.5
CVSSv2
CVE-2018-8828
A Buffer Overflow issue exists in Kamailio prior to 4.4.7, 5.0.x prior to 5.0.6, and 5.1.x prior to 5.1.2. A specially crafted REGISTER message with a malformed branch or From tag triggers an off-by-one heap-based buffer overflow in the tmx_check_pretran function in modules/tmx/t...
Kamailio Kamailio
Debian Debian Linux 9.0
Debian Debian Linux 8.0
7.5
CVSSv2
CVE-2018-14767
In Kamailio prior to 5.0.7 and 5.1.x prior to 5.1.4, a crafted SIP message with a double "To" header and an empty "To" tag causes a segmentation fault and crash. The reason is missing input validation in the "build_res_buf_from_sip_req" core function...
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Kamailio Kamailio
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started