Remote Code Execution Vulnerability in ZLMediaKit by ZLMedia
CVE-2022-37237

7.5HIGH

Key Information:

Vendor: Zlmediakit
Status: Zlmediakit
Vendor: CVE Published:; 30 August 2022

What is CVE-2022-37237?

A vulnerability in the ZLMediaKit server allows attackers to exploit the system by sending crafted RTMP requests, resulting in a remote crash of the server. This issue affects versions of ZLMediaKit prior to the commit identified by 7d8b212a3c3368bc2f6507cb74664fc419eb9327, leaving those installations susceptible to service disruption. Organizations utilizing ZLMediaKit are advised to assess their installations and apply necessary updates to mitigate this risk.

References

https://github.com/ZLMediaKit/ZLMediaKit/issues/1839

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 30, 2022
Vulnerability Reserved
Aug 1, 2022

CVE-2022-37237 Data

JSON

Zlmediakit

What is CVE-2022-37237?

References

CVSS V3.1

Timeline