{"id":"CVE-2020-28361","details":"Kamailio before 5.4.0, as used in Sip Express Router (SER) in Sippy Softswitch 4.5 through 5.2 and other products, allows a bypass of a header-removal protection mechanism via whitespace characters. This occurs in the remove_hf function in the Kamailio textops module. Particular use of remove_hf in Sippy Softswitch may allow a skilled attacker having a valid credential in the system to disrupt internal call start/duration accounting mechanisms, potentially leading to a loss of revenue.","modified":"2026-04-11T23:13:01.289637Z","published":"2020-11-18T14:15:12.017Z","references":[{"type":"REPORT","url":"https://support.sippysoft.com/support/discussions/topics/3000179616"},{"type":"EVIDENCE","url":"https://packetstormsecurity.com/files/159030/Kamailio-5.4.0-Header-Smuggling.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/kamailio/kamailio","events":[{"introduced":"0"},{"fixed":"6c4fceb2ab6818678df16fa3df554392b0707572"}],"database_specific":{"source":"CPE_FIELD","cpe":"cpe:2.3:a:kamailio:kamailio:*:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"fixed":"5.4.0"}]}}],"versions":["3.0_pre1","after_0_9_4_pkg_merge","after_makefile_merges","after_testing_0_8_12_r0_merge","after_testing_0_8_12_r1_merge","after_xl","before_db_api_changes","before_dest_info_changes_2","before_kill_repl_add_rm","before_lumps_split","before_malloc_changes","before_new_timers","before_replication_patch","before_socket_info_lists","before_str2ip_changes","before_tcp_port_aliases","before_testing_0_8_12_r0_merge","before_testing_0_8_12_r1_merge","before_tm_timers","before_xl","bflmpsvz","bigbang","bogdan_final_version","budvar","fixstats","gpled","ipv4_working","ipv6","last_merge_to_janakj","listen_ifs","mem-fixes","myself_port_lo","new_cfg_compiles","new_hash","new_timers","old_mod_iface","post-zt","pre-bigbang","pre-zt","pre22","pre6-tcp4","pre6-tcp5-tm","pre_fixstats","pregpl","rel_0_8_11_root","rel_0_9_0_root","ser_0-8-6-4","ser_08
1-plugins","ser_082","ser_0839_errors","ser_0_7","ser_0_8_10","ser_0_8_10_pre2","ser_0_8_10_pre3","ser_0_8_10_pre4","ser_0_8_10_pre5","ser_0_8_3_1","ser_0_8_3_2","ser_0_8_6-5-stable","ser_0_8_6-6-beer-release","ser_0_8_7-0-unstable","ser_0_8_8-final-cd-release","ser_0_8_9","ser_0_8_9-release","sip_083","sip_pre-plugin","sr_3.1_freeze","sr_before_modules_merge","sr_simpleconfig","srv","tcp2","testing_0_8_12_root","tmp_pcl_tag_17368Js8","v03","v0_2","v0_8_11_pre9","v0_8_11dev34","v0_8_11pre29","v0_8_11pre29-prerelease","v0_8_11pre29-prerelease-cd","v0_8_11pre8","v0_8_12_t02_merged_w_v0_8_11pre35","v0_8_12dev-t03","v0_8_12dev_t05","v0_8_12dev_t13","v0_8_13dev-t16","v0_8_8","wo_sp"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-28361.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}]}