kamailio is vulnerable to arbitrary code execution. Lack of input validation allows an attacker to execute arbitrary code on the system via a malicious SIP message containing multiple To
header and an empty To
tag, which results in a segmentation fault.