N/A

A remote authenticated authorization-bypass vulnerability in Wowza Streaming Engine 4.8.0 and earlier allows any read-only user to issue requests to the administration panel in order to change functionality. For example, a read-only user may activate the Java JMX port in unauthenticated mode and execute OS commands under root privileges. This issue was resolved in Wowza Streaming Engine 4.8.5.

N/A

N/A

Wowza Media Systems Streaming Engine 访问控制错误漏洞

Wowza Media Systems Streaming Engine是美国Wowza Media Systems公司的一套流媒体服务器软件。 Wowza Media Systems Streaming Engine 4.8.0及之前版本中存在安全漏洞。攻击者可利用该漏洞向管理面板发送请求，修改功能。

N/A

N/A