CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-19365

The REST API in Wowza Streaming Engine 4.7.4.01 allows traversal of the directory structure and retrieval of a file via a remote, specifically crafted HTTP request.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.793

EPSS Ranking 99.0%

CVSS Severity

CVSS v3 Score 9.1

CVSS v2 Score 6.4

References

https://blog.gdssecurity.com/labs/2019/2/11/wowza-streaming-engine-manager-directory-traversal-and-local.html
https://raw.githubusercontent.com/WowzaMediaSystems/public_cve/main/wowza-streaming-engine/CVE-2018-19365.txt
https://blog.gdssecurity.com/labs/2019/2/11/wowza-streaming-engine-manager-directory-traversal-and-local.html
https://raw.githubusercontent.com/WowzaMediaSystems/public_cve/main/wowza-streaming-engine/CVE-2018-19365.txt

Products affected by CVE-2018-19365

Wowza » Streaming Engine » Version: 4.7.4.0.1

cpe:2.3:a:wowza:streaming_engine:4.7.4.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-19365

Products

Pricing

Contact Us