CVE-2025-49088

Medium CVSS: 5.9

Pexip Infinity 32.0 through 37.1 before 37.2, in certain configurations of OTJ (One Touch Join) for Teams SIP Guest Join, has Improper Input Validation in the OTJ service, allowing a remote attacker to trigger a software abort via a crafted calendar invite, leading to a denial of service.

Vendor

Pexip

Product

Pexip Infinity

CWE

CWE-617

Yayın Tarihi

2025-12-25 05:16:07

Güncelleme

2026-01-05 19:31:32

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-617 Pexip Infinity MEDIUM Pexip 2025

Referanslar

https://docs.pexip.com/admin/security_bulletins.htm

Benzer Kayıtlar

High

CVE-2025-66377

Pexip Infinity before 39.0 has Missing Authentication for a Critical Function in a product-internal API, allowing an att…

Medium

CVE-2025-66378

Pexip Infinity 38.0 and 38.1 before 39.0 has insufficient access control in the RTMP implementation, allowing an attacke…

High

CVE-2025-66379

Pexip Infinity before 39.0 has Improper Input Validation in the media implementation, allowing a remote attacker to trig…

High

CVE-2025-66443

Pexip Infinity 35.0 through 38.1 before 39.0, in non-default configurations that use Direct Media for WebRTC, has Improp…

High

CVE-2025-32096

Pexip Infinity 33.0 through 37.0 before 37.1 has improper input validation in signaling that allows an attacker to trigg…

High

CVE-2025-48704

Pexip Infinity 35.0 through 37.2 before 38.0 has Improper Input Validation in signalling that allows an attacker to trig…