Posted by Sandro Gauci on Jan 12

# Loopback access control bypass in coturn by using 0.0.0.0, [::1] or [::] as the peer address

– Fixed version: 4.5.2
– Enable Security Advisory:
https://github.com/EnableSecurity/advisories/tree/master/ES2021-01-coturn-access-control-bypass
– Coturn Security Advisory: https://github.com/coturn/coturn/security/advisories/GHSA-6g6j-r9rf-cm7p
– Other references:
– CVE-2020-26262
-…
Read More – Full Disclosure


By |2021-01-13T03:20:32+00:00January 13th, 2021|