all InfoSec news
Vulnerability Spotlight: Vulnerabilities in WWBN AVideo web app could lead to command injection, authentication bypass
Cisco Talos Intelligence Group - Comprehensive Threat Intelligence blog.talosintelligence.com
Claudio Bozzato of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.
Cisco Talos recently discovered multiple vulnerabilities in the WWBN AVideo web application that could allow an attacker to carry out a wide range of malicious actions, including command injection and authentication bypass.
AVideo is an open-source web application that allows users to build a video streaming and sharing platform. Anyone who joins the community can host videos on-demand, launch a live stream or encode different video formats.
TALOS-2022-1542 …app authentication authentication bypass bypass command command injection injection spotlight vulnerabilities vulnerability web web app