Posted by Sandro Gauci on Sep 01
# Kamailio vulnerable to header smuggling possible due to bypass of remove_hf
– Fixed versions: Kamailio v5.4.0
– Enable Security Advisory: <https://github.com/EnableSecurity/advisories/tree/master/ES2020-01-kamailio-remove-hf>
– Tested vulnerable versions: 5.3.5 and earlier
– Report date & issue patched by Kamailio: 2020-07-16
– Kamailio rewrite for header parser (better fix): 2020-07-16 to 2020-07-23
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.