CVE-2024-52054: 
Wowza Streaming Engine vulnerability analysis and mitigation

CVE-2024-52054 is a path traversal vulnerability affecting the Manager component of Wowza Streaming Engine versions below 4.9.1. The vulnerability allows an administrator user to create an XML definition file anywhere on the file system. This issue was discovered by Ryan Emmons, Lead Security Researcher at Rapid7, and was patched on November 20, 2024 (Rapid7 Blog).

The vulnerability has been assigned a CVSS score of 5.1, indicating a moderate severity level. It specifically affects the Manager component of Wowza Streaming Engine and is classified as an authenticated arbitrary file write vulnerability that allows XML file creation in arbitrary locations on the filesystem. The vulnerability was introduced in Wowza Streaming Engine version 4.3.0 and affects all subsequent versions up to 4.9.0 (Security Online).

When exploited, this vulnerability allows an authenticated administrator to create XML files in arbitrary locations on the file system, potentially leading to security implications for the affected system. At the time of disclosure, approximately 18,500 Wowza Streaming Engine servers were exposed to the public internet, making this vulnerability a significant concern for organizations using the affected versions (Rapid7 Blog).

The vulnerability has been patched in Wowza Streaming Engine version 4.9.1, released on November 20, 2024. Organizations are strongly encouraged to upgrade to this version or any future version to remediate the issue. Rapid7's InsightVM and Nexpose customers can assess their exposure to this vulnerability using authenticated vulnerability checks available since the November 20, 2024 content release (Rapid7 Blog).

Wowza Media Systems has acknowledged the vulnerability and stated: "We at Wowza Media Systems are focused on security excellence, and by partnering with trusted researchers like Rapid7, we proactively respond to and fix vulnerabilities to safeguard our customers' interests" (Rapid7 Blog).