CVE-2025-58761 Tautulli vulnerable to Unauthenticated Path Traversal in `real_pms_image_proxy`

Tautulli is a Python based monitoring and tracking tool for Plex Media Server. The realpmsimageproxy endpoint in Tautulli v2.15.3 and prior is vulnerable to path traversal, allowing unauthenticated attackers to read arbitrary files from the application server's filesystem. The realpmsimageproxy i...

Tautulli 安全漏洞

Tautulli is a Tautulli open source application for monitoring Plex Media Server media server. A security vulnerability exists in Tautulli 2.15.3 and earlier versions, which stems from the presence of path traversal in the realpmsimageproxy endpoint, which could lead to arbitrary file reads...