Skip to main content

Tags rtpengine

Rtpengine RTP Injection and Media Bleed Vulnerabilities (CVE-2025-53399)

Published on Jul 31, 2025 in , , , , ,

We published a critical security advisory for rtpengine affecting versions mr13.3.1.4 and lower, allowing RTP injection and media redirection attacks. These vulnerabilities can be exploited without man-in-the-middle positioning and affect both plaintext RTP and encrypted SRTP sessions. Organizations should upgrade to mr13.4.1.1 and review configuration settings.…

Read more about Rtpengine RTP Injection and Media Bleed Vulnerabilities (CVE-2025-53399)

Subscribe

Receive high-quality, low-volume RTC security research, news and occasional updates about what we're up to.

Interested in our services? Let's collaborate.
Get in touch

We hate spam and are committed to protecting and respecting your privacy. You can unsubscribe from our communications at any time. By subscribing, you are agreeing to the Privacy Policy.