漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
An exploitable unsafe default configuration vulnerability exists in the TURN server function of coTURN prior to version 4.5.0.9. By default, the TURN server runs an unauthenticated telnet admin portal on the loopback interface. This can provide administrator access to the TURN server configuration, which can lead to additional attacks. An attacker who can get access to the telnet port can gain administrator access to the TURN server.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
coTURN 信任管理问题漏洞
Vulnerability Description
CoTURN是一款TURN(VoIP媒体业务NAT穿越服务器和网关)和STUN(用户数据报协议简单穿越网络地址转换器)Server的开源实现。 coTURN中存在信任管理问题漏洞,该漏洞源于在默认配置下,本地命令行管理界面的密码为空。远程攻击者可利用该漏洞将权限提升至coTURN服务器的管理员权限。
CVSS Information
N/A
Vulnerability Type
N/A