Security Advisories

Published security advisories covering vulnerabilities in VoIP, WebRTC, and telecommunications software by Enable Security.

security advisories

Oct 25, 2021

FreeSWITCH: unauthenticated SIP SUBSCRIBE requests by default Medium 5.3

CVE-2021-41157 freeswitch

Oct 25, 2021

FreeSWITCH: unauthenticated SIP MESSAGE requests allow spam and spoofing High 7.5

CVE-2021-37624 freeswitch

Oct 25, 2021

FreeSWITCH: SIP digest leak for configured gateways High 7.5

CVE-2021-41158 freeswitch owasp

Oct 25, 2021

FreeSWITCH: denial of service via SIP flooding High 7.5

CVE-2021-41145 freeswitch denial of service

Oct 25, 2021

FreeSWITCH: denial of service via invalid SRTP packets High 7.5

CVE-2021-41105 freeswitch denial of service

Mar 15, 2021

VoIPmonitor: static builds lack memory corruption protections

voipmonitor buffer overflow denial of service memory corruption

Mar 15, 2021

VoIPmonitor: cross-site scripting via SIP messages

CVE-2021-1000004 voipmonitor cross-site scripting

Mar 15, 2021

VoIPmonitor: buffer overflow in live sniffer

CVE-2021-1000005 voipmonitor buffer overflow denial of service memory corruption

Jan 11, 2021

coturn: access control bypass via loopback peer address High 7.2

CVE-2020-26262 coturn access control

Nov 20, 2020

sngrep: buffer overflow via malformed SDP media type

sngrep buffer overflow denial of service