Skip to main content

Tags Denial of Service

OpenSIPS: Denial of service in presence.handle_publish() from unchecked Content-Type state

Published on May 21, 2026 in , , ,

Description

OpenSIPS published GHSA-h3ww-hchh-x2g9 for a configuration-dependent crash in modules/presence/publish.c:handle_publish(). The vulnerable path calls get_content_type(msg) while sphere checking is enabled, but can reach that call without safe Content-Type parser state.

Read more about OpenSIPS: Denial of service in presence.handle_publish() from unchecked Content-Type state

OpenSIPS: Watcherinfo XML generation denial of service from oversized watcher URI

Published on May 21, 2026 in , , ,

Description

OpenSIPS published GHSA-gx83-2gh8-7v56 for a denial-of-service vulnerability in watcherinfo XML generation. The issue is caused by an oversized watcher URI being copied into a fixed-size stack buffer in modules/presence/notify.c:create_winfo_xml().

Read more about OpenSIPS: Watcherinfo XML generation denial of service from oversized watcher URI

OpenSIPS: Denial of service in SDP bandwidth parsing via QoS SDP cloning

Published on May 21, 2026 in , , ,

Description

OpenSIPS published GHSA-rh36-mhpv-cx2r for malformed SDP bandwidth-line handling in parser/sdp/sdp_helpr_funcs.c:extract_bwidth(). A missing delimiter can corrupt parsed SDP metadata, which can later crash OpenSIPS when the state is cloned by dialog/QoS handling.

Read more about OpenSIPS: Denial of service in SDP bandwidth parsing via QoS SDP cloning

OpenSIPS: Denial of service in IMC #list member listing

Published on May 21, 2026 in , ,

  • CVSS v4.0, Enable Security assessment
  • Other references:
  • CVE: not assigned in the OpenSIPS GitHub advisory as of 2026-06-02
  • Fixed versions: OpenSIPS 3.6.6, OpenSIPS 4.0.0-rc1, and master at or after 76afe3420
  • Enable Security Advisory: https://www.enablesecurity.com/advisories/ES2026-04-opensips-imc-list-buffer-overflow/
  • Tested vulnerable version: OpenSIPS 3.5.9
  • Timeline:
    • Enable Security reproduced the issue: 2026-04-30
    • Additional verification: 2026-05-15
    • OpenSIPS advisory: 2026-05-21
    • Enable Security advisory: 2026-05-21

Description

OpenSIPS published GHSA-3qr5-cgpj-hxhx for an unchecked fixed-buffer copy in modules/imc/imc_cmd.c:imc_handle_list() while building an IMC room member list reply.

Read more about OpenSIPS: Denial of service in IMC #list member listing

SIPGO: Response DoS vulnerability via nil pointer dereference

Published on Dec 17, 2025 in , , ,

Description

A nil pointer dereference vulnerability was discovered in the SIPGO library’s NewResponseFromRequest function that affects all normal SIP operations. The vulnerability allows remote attackers to crash any SIP application by sending a single malformed SIP request without a To header.

Read more about SIPGO: Response DoS vulnerability via nil pointer dereference

Sandro talks RTC Security with Safety Detectives

Published on Aug 6, 2025 in ,

Our CEO discusses why generic security tools fail for voice protocols, how ESAP addresses RTC-specific vulnerabilities, and emerging AI threats in real-time communications.…

Read more about Sandro talks RTC Security with Safety Detectives

Rtpengine RTP Injection and Media Bleed Vulnerabilities (CVE-2025-53399)

Published on Jul 31, 2025 in , , , , ,

We published a critical security advisory for rtpengine affecting versions mr13.3.1.4 and lower, allowing RTP injection and media redirection attacks. These vulnerabilities can be exploited without man-in-the-middle positioning and affect both plaintext RTP and encrypted SRTP sessions. Organizations should upgrade to mr13.4.1.1 and review configuration settings.…

Read more about Rtpengine RTP Injection and Media Bleed Vulnerabilities (CVE-2025-53399)

New White Paper: DTLS “ClientHello” Race Conditions in WebRTC Implementations

Published on Oct 15, 2024 in , , ,

Our white paper on DTLS ClientHello race conditions in WebRTC reveals vulnerabilities in RTPEngine, Asterisk, FreeSWITCH, and Skype. We tested platforms including Janus, Discord, Google Meet, and Zoom, and provide mitigation strategies for secure real-time communication.…

Read more about New White Paper: DTLS "ClientHello" Race Conditions in WebRTC Implementations

A Novel DoS Vulnerability affecting WebRTC Media Servers

Published on Jun 25, 2024 in , , ,

Executive summary (TL;DR)

A critical denial-of-service (DoS) vulnerability has been identified in media servers that process WebRTC’s DTLS-SRTP, specifically in their handling of ClientHello messages. This vulnerability arises from a race condition between ICE and DTLS traffic and can be exploited to disrupt media sessions, compromising the availability of real-time communication services. Mitigations include filtering packets based on ICE-validated IP and port combinations. The article also indicates safe testing methods and strategies for detecting the attack.

Read more about A Novel DoS Vulnerability affecting WebRTC Media Servers

FreeSWITCH: denial of service via DTLS Hello packets during call initiation

Published on Dec 22, 2023 in , , ,

TL;DR

When handling DTLS-SRTP for media setup, FreeSWITCH is susceptible to Denial of Service due to a race condition in the hello handshake phase of the DTLS protocol. This attack can be done continuously, thus denying new DTLS-SRTP encrypted calls during the attack.

Read more about FreeSWITCH: denial of service via DTLS Hello packets during call initiation

Subscribe

Receive high-quality, low-volume RTC security research, news and occasional updates about what we're up to.

Interested in our services? Let's collaborate.
Get in touch

We hate spam and are committed to protecting and respecting your privacy. You can unsubscribe from our communications at any time. By subscribing, you are agreeing to the Privacy Policy.