WebSocket Payload Size 0 Mishandling Vulnerability in Asterisk 15.x through 15.2.1
CVE-2018-7287 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:N/A:P
An issue was discovered in res_http_websocket.c in Asterisk 15.x through 15.2.1. If the HTTP server is enabled (default is disabled), WebSocket payloads of size 0 are mishandled (with a busy loop).
Learn more about our Web App Pen Testing.