Skip to main content

Drachtio Server

6 CVEs product

Monthly

CVE-2022-47517 HIGH POC PATCH This Week

An issue was discovered in the libsofia-sip fork in drachtio-server before 0.8.19. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Drachtio Server
NVD GitHub
CVSS 3.1
7.5
EPSS
1.5%
CVE-2022-47516 HIGH POC PATCH This Week

An issue was discovered in the libsofia-sip fork in drachtio-server before 0.8.20. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Drachtio Server
NVD GitHub
CVSS 3.1
7.5
EPSS
1.6%
CVE-2022-47515 HIGH POC PATCH This Week

An issue was discovered in drachtio-server before 0.8.20. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Drachtio Server
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2022-45909 CRITICAL PATCH Act Now

drachtio-server before 0.8.19 has a heap-based buffer over-read via a long Request-URI in an INVITE request. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Drachtio Server
NVD GitHub
CVSS 3.1
9.1
EPSS
1.0%
CVE-2022-45474 CRITICAL POC PATCH Act Now

drachtio-server 0.8.18 has a request-handler.cpp event_cb use-after-free for any request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Use After Free Memory Corruption Drachtio Server
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-45473 MEDIUM POC PATCH This Month

In drachtio-server 0.8.18, /var/log/drachtio has mode 0777 and drachtio.log has mode 0666. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Drachtio Server
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

An issue was discovered in the libsofia-sip fork in drachtio-server before 0.8.19. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Drachtio Server
NVD GitHub
EPSS 2% CVSS 7.5
HIGH POC PATCH This Week

An issue was discovered in the libsofia-sip fork in drachtio-server before 0.8.20. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Drachtio Server
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

An issue was discovered in drachtio-server before 0.8.20. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Drachtio Server
NVD GitHub
EPSS 1% CVSS 9.1
CRITICAL PATCH Act Now

drachtio-server before 0.8.19 has a heap-based buffer over-read via a long Request-URI in an INVITE request. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Drachtio Server
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

drachtio-server 0.8.18 has a request-handler.cpp event_cb use-after-free for any request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Use After Free Memory Corruption +1
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM POC PATCH This Month

In drachtio-server 0.8.18, /var/log/drachtio has mode 0777 and drachtio.log has mode 0666. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Drachtio Server
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy