VulnCheck KEV: CVE-2023-34105

SRS is a real-time video server supporting RTMP, WebRTC, HLS, HTTP-FLV, SRT, MPEG-DASH, and GB28181. Prior to versions 5.0.157, 5.0-b1, and 6.0.48, SRS's api-server server is vulnerable to a drive-by command injection. An attacker may send a request to the /api/v1/snapshots endpoint containing an...

The vulnerability of the Grafana data visualization web tool, related to bypassing authentication, allows a perpetrator to circumvent the authentication process and delete the live snapshot.

The vulnerability of the Grafana data visualization web tool is related to the bypassing of authentication processes. Exploiting this vulnerability allows a malicious actor to circumvent authentication procedures and delete instant snapshots by sending a deletion request to /api/snapshots/...

PT-2023-24676 · Srs · Srs

Name of the Vulnerable Software and Affected Versions: SRS versions prior to 5.0.157 SRS versions prior to 5.0-b1 SRS versions prior to 6.0.48 Description: The issue concerns a drive-by command injection in the api-server server. An attacker can send a request to the "/api/v1/snapshots" endpoint...