High severity7.5NVD Advisory· Published Jan 18, 2017· Updated May 13, 2026

CVE-2016-6271

Description

The Bzrtp library (aka libbzrtp) 1.0.x before 1.0.4 allows man-in-the-middle attackers to conduct spoofing attacks by leveraging a missing HVI check on DHPart2 packet reception.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/BelledonneCommunications/bzrtp/commit/bbb1e6e2f467ee4bd7b9a8c800e4f07343d7d99bnvdIssue TrackingPatch
www.securityfocus.com/bid/95928nvd

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.006
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000