Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L
Lifecycle Timeline
3DescriptionCVE.org
Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.
Analysis
Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network.
Technical ContextAI
Information disclosure occurs when an application inadvertently reveals sensitive data to unauthorized actors through error messages, logs, or improper access controls. This vulnerability is classified as Buffer Over-read (CWE-126).
RemediationAI
Implement proper access controls. Sanitize error messages in production. Review logging practices to avoid capturing sensitive data.
More in Wcn3610 Firmware
View allInformation disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t
CVE-2024-53026 is an information disclosure vulnerability in IMS (IP Multimedia Subsystem) implementations affecting VoL
CVE-2024-53021 is an information disclosure vulnerability in RTCP (Real-time Transport Control Protocol) packet processi
CVE-2024-53020 is an information disclosure vulnerability in RTP (Real-time Transport Protocol) packet processing that o
Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential f
Memory corruption while handling file descriptor during listener registration/de-registration. Rated high severity (CVSS
Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key data IE. Rated high sever
Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session. Rated high se
Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request. Rated high severity (CVSS 7.5
Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request from the AP to establish a TSp
Transient DOS may occur while processing the country IE. Rated high severity (CVSS 7.5), this vulnerability is remotely
Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus.
Same weakness CWE-126 – Buffer Over-read
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-20492