skip to content
Decrypt LOL

Get Cyber-Smart in Just 5 Minutes a Week

Decrypt delivers quick and insightful updates on cybersecurity. No spam, no data sharing—just the info you need to stay secure.

Read the latest edition

Wowza Streaming Engine Addresses Multiple Security Vulnerabilities

/ 1 min read

Multiple vulnerabilities in Wowza Streaming Engine fixed. Wowza Streaming Engine v4.9.1 has addressed several critical vulnerabilities that could allow unauthenticated attackers to exploit the system, including a stored cross-site scripting (XSS) attack that could lead to remote code execution with root privileges on Linux and LocalSystem on Windows. The vulnerabilities, tracked as CVE-2024-52052 through CVE-2024-52056, were reported by Rapid7 and have been patched as of November 20, 2024. Approximately 18,500 Wowza servers are currently exposed to the internet, highlighting the urgency of the update. Users are advised to upgrade to the latest version to mitigate these risks.