Path Traversal in Wowza Streaming Engine

CVE-2024-52054

Path Traversal in the Manager component of Wowza Streaming Engine below 4.9.1 allows an administrator user to create an XML definition file anywhere on the file system.

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.002 (42.5th percentile) — read the EPSS interpretation.

Affected products

Wowza Streaming Engine — versions 4.3.0

Weakness classification (CWE)

CWE-22 — Path Traversal

References