Wowza Streaming Engine Vulnerabilities Expose Thousands of Servers to Attack
Ryan Emmons, Lead Security Researcher at Rapid7, has discovered multiple vulnerabilities in Wowza Streaming Engine, a popular media server software. The vulnerabilities could allow a remote attacker to gain complete control of affected systems.
Wowza Streaming Engine is used by many organizations for live stream broadcasts, video-on-demand, and other media services. According to Rapid7’s research, approximately 18,500 Wowza Streaming Engine servers are exposed to the public internet, making them potential targets for attackers.
The most severe vulnerability is an unauthenticated stored cross-site scripting (XSS) vulnerability that could allow an attacker to inject malicious code into the Wowza Streaming Engine Manager web dashboard. If an administrator views the poisoned dashboard, the attacker could exploit additional vulnerabilities to gain remote code execution on the server.
The attacker would then have root privileges on Linux systems and LocalSystem privileges on Windows systems, giving them complete control over the server.
The vulnerabilities have been assigned the following CVE identifiers:
- CVE-2024-52052 (CVSS 9.4): Authenticated remote code execution vulnerability
- CVE-2024-52053 (CVSS 8.7): Unauthenticated stored XSS vulnerability
- CVE-2024-52054 (CVSS 5.1): Authenticated arbitrary file write vulnerability
- CVE-2024-52055 (CVSS 8.2): Authenticated arbitrary file read vulnerability
- CVE-2024-52056 (CVSS 6.9): Authenticated arbitrary directory deletion vulnerability
Wowza has released version 4.9.1 of Wowza Streaming Engine to address these vulnerabilities. All users are strongly encouraged to update their systems as soon as possible.
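For teams checking whether their deployments are covered by the fix, the following Python script is an added example (not code from the article, Wowza or Rapid7) that triages a constructed server inventory against the fixed version 4.9.1, ranking internet-exposed hosts first. The inventory, hostnames and the handling of a "+build" suffix in version strings are assumptions for illustration.

```python
"""Triage Wowza Streaming Engine installs against the 4.9.1 fix (added example, constructed data)."""
import re

# Version in which the vulnerabilities were addressed, per the advisory above.
FIXED_VERSION = (4, 9, 1)

# CVE identifiers and CVSS scores as listed in the advisory; used only for reporting.
CVES = {
    "CVE-2024-52052": ("authenticated remote code execution", 9.4),
    "CVE-2024-52053": ("unauthenticated stored XSS", 8.7),
    "CVE-2024-52054": ("authenticated arbitrary file write", 5.1),
    "CVE-2024-52055": ("authenticated arbitrary file read", 8.2),
    "CVE-2024-52056": ("authenticated arbitrary directory deletion", 6.9),
}


def parse_version(text):
    """Turn a version string such as '4.8.27' or '4.8.27+5' into a comparable tuple.

    Only the dotted numeric part is compared; stripping a '+build' suffix is an
    assumption about how the version may be reported, not a documented format.
    """
    core = text.strip().split("+", 1)[0]
    match = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)", core)
    if not match:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part) for part in match.groups())


def is_affected(version_text):
    """True when the install is older than the fixed release."""
    return parse_version(version_text) < FIXED_VERSION


def triage(inventory):
    """Return findings for affected hosts, exposed hosts first.

    inventory: iterable of (hostname, version_string, internet_exposed) tuples.
    """
    findings = []
    for host, version, exposed in inventory:
        if not is_affected(version):
            continue
        findings.append({
            "host": host,
            "version": version,
            "internet_exposed": exposed,
            # Internet-facing servers get the highest priority, as the research
            # highlights the number of publicly exposed instances.
            "priority": "P1" if exposed else "P2",
            "cves": sorted(CVES),
            "action": "upgrade to 4.9.1 or later",
        })
    findings.sort(key=lambda f: (f["priority"], f["host"]))
    return findings


# Constructed inventory for demonstration; not real hosts.
SAMPLE_INVENTORY = [
    ("media-01.example.internal", "4.8.27+5", True),
    ("media-02.example.internal", "4.9.1", False),
    ("media-03.example.internal", "4.9.0", False),
    ("media-04.example.internal", "4.9.2+1", True),
]

if __name__ == "__main__":
    for finding in triage(SAMPLE_INVENTORY):
        print(f"{finding['priority']} {finding['host']} ({finding['version']}): "
              f"{finding['action']}; exposed={finding['internet_exposed']}")
```

Feed the script the output of your asset inventory in place of `SAMPLE_INVENTORY`; hosts that are both unpatched and reachable from the internet come out first, which matches where the exposure figure in the research points.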
Organizations that use Wowza Streaming Engine should take immediate action to mitigate these vulnerabilities and protect their systems from potential attacks.
In a statement, Wowza Media Systems said: “We at Wowza Media Systems are focused on security excellence, and by partnering with trusted researchers like Rapid7, we proactively respond to and fix vulnerabilities to safeguard our customers’ interests.”