EUVD-2020-30840

Eibiz i-Media Server Digital Signage 3.8.0 contains an unauthenticated privilege escalation vulnerability in the updateUser object that allows attackers to modify user roles. Attackers can exploit the /messagebroker/amf endpoint to elevate privileges and take over user accounts by manipulating ro...

CVE-2020-36892 Eibiz i-Media Server Digital Signage 3.8.0 Unauthenticated Privilege Escalation

Eibiz i-Media Server Digital Signage 3.8.0 contains an unauthenticated privilege escalation vulnerability in the updateUser object that allows attackers to modify user roles. Attackers can exploit the /messagebroker/amf endpoint to elevate privileges and take over user accounts by manipulating ro...

PT-2025-50515

Eibiz i-Media Server Digital Signage 3.8.0 contains an authentication bypass vulnerability that allows unauthenticated attackers to create admin users through AMF-encoded object manipulation. Attackers can send crafted serialized objects to the /messagebroker/amf endpoint to create administrative...

Eibiz i-Media Server Digital Signage 访问控制错误漏洞

Eibiz i-Media Server Digital Signage is a digital signage server from Eibiz Thailand. An access control error vulnerability exists in Eibiz i-Media Server Digital Signage version 3.8.0, which stems from an authentication bypass in the AMF encoded object operation that could lead to the creation o...