First published: Thu Nov 21 2024(Updated: )
Wowza Streaming Engine below 4.9.1 permits an authenticated Streaming Engine Manager administrator to define a custom application property and poison a stream target for high-privilege remote code execution.
Credit: cve@rapid7.com
Affected Software | Affected Version | How to fix |
---|---|---|
Wowza Streaming Engine | <4.9.1 | |
All of | ||
Wowza Streaming Engine | >=4.3.0<4.9.1 | |
Any of | ||
Linux Kernel | ||
Microsoft Windows Operating System |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-52052 is a critical vulnerability that allows for high-privilege remote code execution.
To fix CVE-2024-52052, update Wowza Streaming Engine to version 4.9.1 or later.
CVE-2024-52052 affects authenticated Streaming Engine Manager administrators using Wowza Streaming Engine versions below 4.9.1.
CVE-2024-52052 allows an attacker to define a custom application property and poison a stream target, leading to remote code execution.
There are no recommended workarounds for CVE-2024-52052, so it is advisable to update to the latest version immediately.