Unrated severityNVD Advisory· Published Mar 15, 2026· Updated Mar 16, 2026
Wowza Streaming Engine 4.5.0 Privilege Escalation via user edit
CVE-2016-20034
Description
Wowza Streaming Engine 4.5.0 contains a privilege escalation vulnerability that allows authenticated read-only users to elevate privileges to administrator by manipulating POST parameters. Attackers can send POST requests to the user edit endpoint with accessLevel set to 'admin' and advUser parameters set to 'true' and 'on' to gain administrative access.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: = 4.5.0
- Wowza Media Systems, LLC./Wowza Streaming Enginev5Range: 4.5.0
Patches
Vulnerability mechanics
References
3- www.exploit-db.com/exploits/40133mitreexploit
- www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5340.phpmitrevendor-advisory
- www.vulncheck.com/advisories/wowza-streaming-engine-privilege-escalation-via-user-editmitrethird-party-advisory
News mentions
0No linked articles in our index yet.