Shodan
Vulnerabilities
Vulnerable Software
Pexip:  >> Pexip Infinity  >> 16.2  Security Vulnerabilities
CVE-2025-66377
Pexip Infinity before 39.0 has Missing Authentication for a Critical Function in a product-internal API, allowing an attacker (who already has access to execute code on one node within a Pexip Infinity installation) to impact the operation of other nodes within the installation.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-12-25
CVE-2025-66379
Pexip Infinity before 39.0 has Improper Input Validation in the media implementation, allowing a remote attacker to trigger a software abort via a crafted media stream, resulting in a denial of service.
CVSS Score
7.5
EPSS Score
0.002
Published
2025-12-25
CVE-2025-59683
Pexip Infinity 15.0 through 38.0 before 38.1 has Improper Access Control in the Secure Scheduler for Exchange service, when used with Office 365 Legacy Exchange Tokens. This allows a remote attacker to read potentially sensitive data and excessively consume resources, leading to a denial of service.
CVSS Score
8.2
EPSS Score
0.001
Published
2025-12-25
CVE-2025-32095
Pexip Infinity before 37.0 has improper input validation in signalling that allows a remote attacker to trigger a software abort via a crafted signalling message, resulting in a denial of service.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-12-25
CVE-2024-37917
Pexip Infinity before 35.0 has improper input validation that allows remote attackers to trigger a denial of service (software abort) via a crafted signalling message.
CVSS Score
7.5
EPSS Score
0.007
Published
2025-04-02
CVE-2024-33850
Pexip Infinity before 34.1 has Improper Access Control for persons in a waiting room. They can see the conference roster list, and perform certain actions that should not be allowed before they are admitted to the meeting.
CVSS Score
4.3
EPSS Score
0.003
Published
2024-06-10
CVE-2023-31289
Pexip Infinity before 31.2 has Improper Input Validation for signalling, allowing remote attackers to trigger an abort.
CVSS Score
7.5
EPSS Score
0.003
Published
2023-12-25
CVE-2023-31455
Pexip Infinity before 31.2 has Improper Input Validation for RTCP, allowing remote attackers to trigger an abort.
CVSS Score
7.5
EPSS Score
0.003
Published
2023-12-25
CVE-2023-37225
Pexip Infinity before 32 allows Webapp1 XSS via preconfigured links.
CVSS Score
6.1
EPSS Score
0.002
Published
2023-12-25
CVE-2022-32263
Pexip Infinity before 28.1 allows remote attackers to trigger a software abort via G.719.
CVSS Score
7.5
EPSS Score
0.008
Published
2022-07-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved