Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

signalwire — Vulnerabilities & Security Advisories 8

Browse all 8 CVE security advisories affecting signalwire. AI-powered Chinese analysis, POCs, and references for each vulnerability.

SignalWire provides cloud communication APIs for voice, video, and messaging services. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation and authentication flaws. The platform has faced security incidents, including a 2022 vulnerability (CVE-2022-22963) allowing RCE via Spring Framework flaws. While SignalWire has patched these issues, the presence of multiple CVEs indicates ongoing security challenges in its communication infrastructure. Organizations should implement strict access controls and regular security assessments when integrating these services into their environments.

Top products by signalwire: freeswitch
CVE IDTitleCVSSSeverityPublished
CVE-2023-51443 FreeSWITCH susceptible to Denial of Service via DTLS Hello packets during call initiation — freeswitchCWE-703 7.5 High2023-12-27
CVE-2023-40019 FreeSWITCH allows authorized users to cause a denial of service attack by sending re-INVITE with SDP containing duplicate codec names — freeswitchCWE-770 7.5 High2023-09-15
CVE-2023-40018 FreeSWITCH allows remote users to trigger out of bounds write by offering an ICE candidate with unknown component ID — freeswitchCWE-787 7.5 High2023-09-15
CVE-2021-41158 FreeSWITCH vulnerable to SIP digest leak for configured gateways — freeswitchCWE-200 5.8 Medium2021-10-26
CVE-2021-41157 FreeSWITCH does not authenticate SIP SUBSCRIBE requests by default — freeswitchCWE-287 5.3 Medium2021-10-26
CVE-2021-41105 FreeSWITCH susceptible to Denial of Service via invalid SRTP packets — freeswitchCWE-20 7.5 High2021-10-25
CVE-2021-41145 FreeSWITCH susceptible to Denial of Service via SIP flooding — freeswitchCWE-400 8.6 High2021-10-25
CVE-2021-37624 FreeSWITCH does not authenticate SIP MESSAGE requests, leading to spam and message spoofing — freeswitchCWE-287 7.5 High2021-10-25

This page lists every published CVE security advisory associated with signalwire. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.