5 matches found
CVE-2021-42835
An issue was discovered in Plex Media Server through 1.24.4.5081-e362dc1ee. An attacker with a foothold in a endpoint via a low-privileged user account can access the exposed RPC service of the update service component. This RPC functionality allows the attacker to interact with the RPC...
Plex Media Server < 1.25.0 Privilege Escalation Vulnerability
Plex Media Server is prone to a privilege escalation vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
CVE-2021-42835
An issue was discovered in Plex Media Server through 1.24.4.5081-e362dc1ee. An attacker with a foothold in a endpoint via a low-privileged user account can access the exposed RPC service of the update service component. This RPC functionality allows the attacker to interact with the RPC...
CVE-2021-42835
Plex Media Server up to version 1.24.4.5081-e362dc1ee is affected by a TOCTOU race in the exposed RPC interface of the Product Update Service, enabling a local attacker with a low-privileged account to interact with the RPC and execute code from a chosen path (local or via SMB) with the update se...
CVE-2021-42835
An issue was discovered in Plex Media Server through 1.24.4.5081-e362dc1ee. An attacker with a foothold in a endpoint via a low-privileged user account can access the exposed RPC service of the update service component. This RPC functionality allows the attacker to interact with the RPC...