Versions: 22.214.171.124, 2.3.x, 2.4.x, 2.5.x
Exploit type: Incorrect Access Control
An inadequate authentication check may allow an attacker to broadcast to some streaming services.
All recent versions of the MediaCP are affected from version 126.96.36.199 and newer. All customers are advised to run a software upgrade to patch the issue immediately.
Versions 2.4.4 and 2.5.1 have now been patched against the exploit and include a build date of 20190904. The build date can be checked from Admin Dashboard -> Software Health and is displayed at the top of the page.
If you are currently using versions 2.4.4 or 2.5.1, please run the upgrade process again to automatically patch against the exploit.