CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
EPSS
Percentile
56.7%
Coturn is free open source implementation of TURN and STUN Server. Coturn
before version 4.5.2 by default does not allow peers to connect and relay
packets to loopback addresses in the range of 127.x.x.x
. However, it was
observed that when sending a CONNECT
request with the XOR-PEER-ADDRESS
value of 0.0.0.0
, a successful response was received and subsequently,
CONNECTIONBIND
also received a successful response. Coturn then is able
to relay packets to the loopback interface. Additionally, when coturn is
listening on IPv6, which is default, the loopback interface can also be
reached by making use of either [::1]
or [::]
as the peer address. By
using the address 0.0.0.0
as the peer address, a malicious user will be
able to relay packets to the loopback interface, unless
--denied-peer-ip=0.0.0.0
(or similar) has been specified. Since the
default configuration implies that loopback peers are not allowed, coturn
administrators may choose to not set the denied-peer-ip
setting. The
issue patched in version 4.5.2. As a workaround the addresses in the
address block 0.0.0.0/8
, [::1]
and [::]
should be denied by default
unless --allow-loopback-peers
has been specified.
Author | Note |
---|---|
pfsmorigo | Tested vulnerable versions: 4.5.1.3 |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
EPSS
Percentile
56.7%