# Webrtc Security

- [DVRTC v0.2.0: pbx2 and SIP SQL injection](/blog/dvrtc-v0-2-0-adds-pbx2-and-sql-injection.md) (2026-04-21)
- [AI is coming for your C code and it does not need coffee](/blog/ai-coming-for-your-c-code.md) (2026-04-03)
- [Introducing DVRTC: a vulnerable lab for RTC security](/blog/introducing-dvrtc-damn-vulnerable-real-time-communications.md) (2026-03-27)
- [Securing coturn: Configuration Guide](/blog/coturn-security-configuration-guide.md) (2026-02-25)
- [TURN Server Security Best Practices](/blog/turn-security-best-practices.md) (2026-02-25)
- [TURN Security Threats: A Hacker's View](/blog/turn-server-security-threats.md) (2026-02-12)
- [VoIP Eavesdropping: How it Works, Threats & Defense Tactics ](/blog/voip-eavesdropping-defense.md) (2025-10-09)
- [Rtpengine RTP Injection and Media Bleed Vulnerabilities (CVE-2025-53399)](/blog/rtpengine-critical-security-advisory-cve-2025-53399.md) (2025-07-31)
- [New White Paper: DTLS "ClientHello" Race Conditions in WebRTC Implementations](/blog/webrtc-hello-race-conditions-paper.md) (2024-10-15)
- [TADSummit Innovators Podcast reviews the Last 6 Months of RTC Security Trends with Sandro Gauci](/blog/tadsummit-innovators-podcast-with-sandro-gauci.md) (2024-07-26)
- [A Novel DoS Vulnerability affecting WebRTC Media Servers](/blog/novel-dos-vulnerability-affecting-webrtc-media-servers.md) (2024-06-25)
- [Exploiting CVE-2022-0778, a bug in OpenSSL vis-à-vis WebRTC platforms](/blog/exploiting-cve-2022-0778-in-openssl-vs-webrtc-platforms.md) (2022-04-08)
- [Details about CVE-2020-26262, bypass of Coturn's default access control protection](/blog/cve-2020-26262-bypass-of-coturns-access-control-protection.md) (2021-01-11)
- [RTC Security chat at Kamailio World Online with Daniel and Olle](/blog/kamailio-world-2020-rtc-security.md) (2020-10-05)
- [Kamailio World Online SIP and VoIP Security Panel](/blog/kamailio-world-online-sip-and-voip-security-panel.md) (2020-08-27)
- [Bug bounty bout report 0x01 - WebRTC edition](/blog/bug-bounty-bout-0x01-webrtc-edition.md) (2020-06-16)
- [Jitsi Meet on Docker default passwords - how bad is it, how to detect and fix it](/blog/jitsi-meet-on-docker-default-password-exploitation.md) (2020-04-20)
- [How we abused Slack's TURN servers to gain access to internal services](/blog/slack-webrtc-turn-compromise-and-bug-bounty.md) (2020-04-06)