CoTURN 4.5.1.1 Web Server Heap Out-of-Bounds Read Vulnerability

CoTURN 4.5.1.1 Web Server Heap Out-of-Bounds Read Vulnerability

CVE-2020-6061 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

An exploitable heap out-of-bounds read vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. A specially crafted HTTP POST request can lead to information leaks and other misbehavior. An attacker needs to send an HTTPS request to trigger this vulnerability.

Learn more about our Web App Pen Testing.