5 matches found
Exploit for Path Traversal in Jellyfin
CVE-2021-21402: Jellyfin Arbitrary File Reading Vulnerability...
Exploit for Path Traversal in Jellyfin
CVE-2021-21402-Jellyfin-Automatic File R...
Jellyfin 任意文件读取漏洞(CVE-2021-21402)
GHSL-2021-050: Unauthenticated abritrary file read in Jellyfin - CVE-2021-21402 Jaroslav Lobacevski Coordinated Disclosure Timeline - 2021-03-19: Issue reported to maintainers. - 2021-03-22: Version 10.7.1 with fixes was released. Summary Jellyfin allows unauthenticated arbitrary file read. Produ...
CVE-2021-21402
creationtimestamp| type| source ---|---|--- 2021-03-23 23:38:33+00:00| seen| https://t.me/cibsecurity/25345 2021-04-06 11:01:13+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/3064 2021-04-12 11:01:12+00:00| seen| https://t.me/CyberSecurityTechnologies/3104 2021-09-21...
CVE-2021-21402
Summary of CVE-2021-21402 (Jellyfin) : A local/file read vulnerability exists in Jellyfin before version 10.7.1, enabling an attacker to read arbitrary files from the server’s filesystem via crafted requests. The issue is more prevalent when Windows is the host OS and affected servers exposed to ...