Skip to main content

Pexip Infinity

31 CVEs product

Monthly

CVE-2025-30080 HIGH This Week

Signalling in Pexip Infinity 29 through 36.2 before 37.0 has improper input validation that allows remote attackers to trigger a temporary denial of service (software abort). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-37917 HIGH This Week

Pexip Infinity before 35.0 has improper input validation that allows remote attackers to trigger a denial of service (software abort) via a crafted signalling message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-33850 MEDIUM This Month

Pexip Infinity before 34.1 has Improper Access Control for persons in a waiting room. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2023-37225 MEDIUM This Month

Pexip Infinity before 32 allows Webapp1 XSS via preconfigured links. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Pexip Infinity
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-31455 HIGH This Week

Pexip Infinity before 31.2 has Improper Input Validation for RTCP, allowing remote attackers to trigger an abort. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-31289 HIGH This Week

Pexip Infinity before 31.2 has Improper Input Validation for signalling, allowing remote attackers to trigger an abort. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-32263 HIGH This Week

Pexip Infinity before 28.1 allows remote attackers to trigger a software abort via G.719. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-29286 HIGH This Week

Pexip Infinity 27 before 28.0 allows remote attackers to trigger excessive resource consumption and termination because of registrar resource mishandling. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-27937 HIGH This Week

Pexip Infinity before 27.3 allows remote attackers to trigger excessive resource consumption via H.264. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-27936 HIGH This Week

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via H.323. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-27935 HIGH This Week

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via Epic Telehealth. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-27934 HIGH This Week

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via HTTP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-27933 HIGH This Week

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
8.2
EPSS
0.9%
CVE-2022-27932 HIGH This Week

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-27931 HIGH This Week

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-27930 MEDIUM This Month

Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via single-sign-on if a random Universally Unique Identifier is guessed. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
5.9
EPSS
0.8%
CVE-2022-27929 HIGH This Week

Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via HTTP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-27928 HIGH This Week

Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-26657 HIGH This Week

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-26656 HIGH This Week

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort, and possibly enumerate usernames, via One Touch Join. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
8.2
EPSS
1.0%
CVE-2022-26655 HIGH This Week

Pexip Infinity 27.x before 27.3 has Improper Input Validation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-26654 HIGH This Week

Pexip Infinity before 27.3 allows remote attackers to force a software abort via HTTP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-25357 MEDIUM This Month

Pexip Infinity 27.x before 27.2 has Improper Access Control. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2022-23228 HIGH This Week

Pexip Infinity before 27.0 has improper WebRTC input validation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2021-31925 HIGH This Week

Pexip Infinity 25.x before 25.4 has Improper Input Validation, and thus an unauthenticated remote attacker can cause a denial of service via the administrative web interface. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2020-24615 MEDIUM This Month

Pexip Infinity before 24.1 has Improper Input Validation, leading to temporary denial of service via SIP. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Pexip Infinity
NVD
CVSS 3.1
5.3
EPSS
1.0%
CVE-2020-13387 HIGH This Week

Pexip Infinity before 23.4 has a lack of input validation, leading to temporary denial of service via H.323. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2020-12824 HIGH This Week

Pexip Infinity 23.x before 23.3 has improper input validation, leading to a temporary software abort via RTP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2020-11805 CRITICAL Act Now

Pexip Reverse Proxy and TURN Server before 6.1.0 has Incorrect UDP Access Control via TURN. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity Reverse Proxy And Turn Server
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2017-6551 CRITICAL Act Now

Pexip Infinity before 14.2 allows remote attackers to cause a denial of service (service restart) or execute arbitrary code via vectors related to Conferencing Nodes. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Pexip Infinity
NVD
CVSS 3.0
9.8
EPSS
1.6%
CVE-2014-8779 HIGH POC This Week

Pexip Infinity before 8 uses the same SSH host keys across different customers' installations, which allows man-in-the-middle attackers to spoof Management and Conferencing Nodes by leveraging these. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Information Disclosure Pexip Infinity
NVD
CVSS 2.0
7.1
EPSS
0.3%
EPSS 1% CVSS 7.5
HIGH This Week

Signalling in Pexip Infinity 29 through 36.2 before 37.0 has improper input validation that allows remote attackers to trigger a temporary denial of service (software abort). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Pexip Infinity
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Pexip Infinity before 35.0 has improper input validation that allows remote attackers to trigger a denial of service (software abort) via a crafted signalling message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Pexip Infinity
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Pexip Infinity before 34.1 has Improper Access Control for persons in a waiting room. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Pexip Infinity before 32 allows Webapp1 XSS via preconfigured links. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Pexip Infinity
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Pexip Infinity before 31.2 has Improper Input Validation for RTCP, allowing remote attackers to trigger an abort. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Pexip Infinity before 31.2 has Improper Input Validation for signalling, allowing remote attackers to trigger an abort. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Pexip Infinity before 28.1 allows remote attackers to trigger a software abort via G.719. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Pexip Infinity 27 before 28.0 allows remote attackers to trigger excessive resource consumption and termination because of registrar resource mishandling. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Pexip Infinity
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Pexip Infinity before 27.3 allows remote attackers to trigger excessive resource consumption via H.264. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Pexip Infinity
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via H.323. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via Epic Telehealth. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via HTTP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via single-sign-on if a random Universally Unique Identifier is guessed. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via HTTP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
EPSS 1% CVSS 8.2
HIGH This Week

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort, and possibly enumerate usernames, via One Touch Join. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Pexip Infinity 27.x before 27.3 has Improper Input Validation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Pexip Infinity before 27.3 allows remote attackers to force a software abort via HTTP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Pexip Infinity 27.x before 27.2 has Improper Access Control. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Pexip Infinity before 27.0 has improper WebRTC input validation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Pexip Infinity
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Pexip Infinity 25.x before 25.4 has Improper Input Validation, and thus an unauthenticated remote attacker can cause a denial of service via the administrative web interface. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Pexip Infinity
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Pexip Infinity before 24.1 has Improper Input Validation, leading to temporary denial of service via SIP. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Pexip Infinity
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Pexip Infinity before 23.4 has a lack of input validation, leading to temporary denial of service via H.323. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Pexip Infinity
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Pexip Infinity 23.x before 23.3 has improper input validation, leading to a temporary software abort via RTP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Pexip Reverse Proxy and TURN Server before 6.1.0 has Incorrect UDP Access Control via TURN. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pexip Infinity Reverse Proxy And Turn Server
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Pexip Infinity before 14.2 allows remote attackers to cause a denial of service (service restart) or execute arbitrary code via vectors related to Conferencing Nodes. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Pexip Infinity
NVD
EPSS 0% CVSS 7.1
HIGH POC This Week

Pexip Infinity before 8 uses the same SSH host keys across different customers' installations, which allows man-in-the-middle attackers to spoof Management and Conferencing Nodes by leveraging these. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Information Disclosure Pexip Infinity
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy