Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
An attacker can send malicious RTMP requests to make the ZLMediaKit server crash remotely. Affected version is below commit 7d8b212a3c3368bc2f6507cb74664fc419eb9327.
AnalysisAI
An attacker can send malicious RTMP requests to make the ZLMediaKit server crash remotely. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Technical ContextAI
An attacker can send malicious RTMP requests to make the ZLMediaKit server crash remotely. Affected version is below commit 7d8b212a3c3368bc2f6507cb74664fc419eb9327. Affected products include: Zlmediakit.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Zlmediakit
View allZLMediaKit 4.0 is vulnerable to Directory Traversal. Rated high severity (CVSS 7.5), this vulnerability is remotely expl
Heap buffer overflow in ZLMediaKit's VP9 RTP payload parser allows remote unauthenticated attackers to trigger denial of
Cross Site Scripting vulnerability in ZLMediaKiet v.4.0 and v.5.0 allows an attacker to execute arbitrary code via a cra
Same technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today