LIVE555 Authorization Bypass Vulnerability in RTSP Session Command Handling

Vulnerability

An authorization bypass vulnerability has been identified in LIVE555 versions prior to 2026.04.22. It allows an attacker to replay a valid RTSP session token on an unauthenticated connection and so issue PLAY and TEARDOWN commands from a second TCP connection without authentication. Exploitation can crash the server through virtual function call errors, or disrupt active streams by terminating the sessions of authenticated users.

Impact

Exploitation of this vulnerability allows for an authorization bypass in RTSP session management, enabling unauthorized control over active streams. This could lead to server crashes or disruption of ongoing media sessions.

Reproduction

To reproduce this vulnerability, first, authenticate a connection with the LIVE555 RTSP server and obtain a valid session token. Then, open a second unauthenticated connection and replay the session token in a PLAY request. The server will respond with a 200 OK status and crash shortly after.

Remediation

Users should update to LIVE555 version 2026.04.22 or later, where this vulnerability has been addressed.
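
One way to look for the pattern described above in RTSP request logs, as an added example that is not part of the original advisory or of LIVE555 itself. The record fields (connection id, method, session id, whether the server accepted credentials) and the sample data are assumptions; the check flags PLAY or TEARDOWN requests that name a session created on a different connection when the sending connection has never authenticated.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class RtspRequest:
    conn: str               # TCP connection id, e.g. "ip:port" (assumed log field)
    method: str             # RTSP method
    session: Optional[str]  # Session header value (for SETUP: the id the server returned)
    authorized: bool        # server accepted credentials on this request (assumed log field)

CONTROL_METHODS = {"PLAY", "TEARDOWN"}

def find_session_replays(requests):
    """Return (session, owner_conn, offending_conn, method) for every PLAY or
    TEARDOWN that names a session created on another connection while the
    sending connection has never authenticated."""
    owner = {}             # session id -> connection that created it
    authenticated = set()  # connections that have presented accepted credentials
    alerts = []
    for req in requests:
        if req.authorized:
            authenticated.add(req.conn)
        if req.session is None:
            continue
        if req.method == "SETUP":
            owner.setdefault(req.session, req.conn)
        elif req.method in CONTROL_METHODS:
            created_on = owner.get(req.session)
            if created_on and created_on != req.conn and req.conn not in authenticated:
                alerts.append((req.session, created_on, req.conn, req.method))
    return alerts

# Constructed sample records (not taken from a real capture).
A, B, C, D = "192.0.2.10:50112", "198.51.100.7:40001", "192.0.2.11:50200", "192.0.2.11:50201"
SAMPLE = [
    RtspRequest(A, "DESCRIBE", None, True),
    RtspRequest(A, "SETUP", "A1B2C3D4", True),
    RtspRequest(A, "PLAY", "A1B2C3D4", True),
    RtspRequest(B, "PLAY", "A1B2C3D4", False),      # foreign, never authenticated
    RtspRequest(C, "SETUP", "0F0E0D0C", True),
    RtspRequest(D, "DESCRIBE", None, True),
    RtspRequest(D, "PLAY", "0F0E0D0C", True),       # foreign but authenticated: not flagged
    RtspRequest(B, "TEARDOWN", "A1B2C3D4", False),  # foreign, never authenticated
]

if __name__ == "__main__":
    for alert in find_session_replays(SAMPLE):
        print("session %s created on %s used by unauthenticated %s (%s)" % alert)
```

A session used from a second connection is not flagged on its own, since an authenticated client may legitimately reconnect; only the unauthenticated case matches the behaviour this advisory describes.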

Added: May 19, 2026, 7:23 PM
Updated: May 19, 2026, 7:23 PM

Vulnerability Rating

Custom Algorithm

spread: 5.0
impact: 3.8
exploitability: 8.9
remediation: 7.7
relevance: 8.8
threat: 6.4
urgency: 2.9
incentive: 8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.