14 matches found
EUVD-2025-21036
Malicious code in bioql PyPI...
CVE-2025-34101
An unauthenticated command injection vulnerability exists in Serviio Media Server versions 1.4 through 1.8 on Windows, in the /rest/action API endpoint exposed by the console component default port 23423. The checkStreamUrl method accepts a VIDEO parameter that is passed unsanitized to a call to...
CVE-2025-34101
An unauthenticated command injection vulnerability exists in Serviio Media Server versions 1.4 through 1.8 on Windows, in the /rest/action API endpoint exposed by the console component default port 23423. The checkStreamUrl method accepts a VIDEO parameter that is passed unsanitized to a call to...
CVE-2025-34101 Serviio Media Server Unauthenticated Command Injection via checkStreamUrl VIDEO Parameter
An unauthenticated command injection vulnerability exists in Serviio Media Server versions 1.4 through 1.8 on Windows, in the /rest/action API endpoint exposed by the console component default port 23423. The checkStreamUrl method accepts a VIDEO parameter that is passed unsanitized to a call to...
CVE-2025-34101 Serviio Media Server Unauthenticated Command Injection via checkStreamUrl VIDEO Parameter
An unauthenticated command injection vulnerability exists in Serviio Media Server versions 1.4 through 1.8 on Windows, in the /rest/action API endpoint exposed by the console component default port 23423. The checkStreamUrl method accepts a VIDEO parameter that is passed unsanitized to a call to...
CVE-2025-34101
Serviio Media Server on Windows versions 1.4–1.8 is affected by an unauthenticated command-injection via the /rest/action REST API. The checkStreamUrl method takes a VIDEO parameter and passes it unsanitized to cmd.exe, enabling arbitrary command execution with the web server’s privileges. The RE...
Serviio Media Server 安全漏洞
Serviio Media Server is a media server software from Serviio Individual Developers in the UK. A security vulnerability exists in Serviio Media Server versions 1.4 through 1.8, which stems from a command injection issue in the /rest/action API endpoint that could lead to remote code execution...
PT-2025-29143 · Unknown · Serviio Media Server
Name of the Vulnerable Software and Affected Versions: Serviio Media Server versions 1.4 through 1.8 Description: An unauthenticated command injection exists in Serviio Media Server. The /rest/action API endpoint, exposed by the console component default port 23423, is vulnerable. The...
Serviio Media Server checkStreamUrl Command Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule /Restlet-Framework/ include Msf::Exploit::Remote::HttpClient include Msf::Exploit::CmdStager def initializeinfo = superupdateinfoinfo, 'Name' =...
Serviio Media Server checkStreamUrl Command Execution Exploit
This Metasploit module exploits an unauthenticated remote command execution vulnerability in the console component of Serviio Media Server versions 1.4 to 1.8 on Windows operating systems. The console service on port 23423 by default exposes a REST API which which does not require authentication...
Serviio Media Server - checkStreamUrl Command Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule /Restlet-Framework/ include Msf::Exploit::Remote::HttpClient include Msf::Exploit::CmdStager def initializeinfo = superupdateinfoinfo, 'Name' =...
Serviio Media Server Cross-Site Scripting
A cross-site scripting vulnerability exists in Serviio Media Server. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...
Serviio Media Server Remote Code Execution
A code execution vulnerability exists in Serviio Media Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Serviio Media Server checkStreamUrl Command Execution
This module exploits an unauthenticated remote command execution vulnerability in the console component of Serviio Media Server versions 1.4 to 1.8 on Windows operating systems. The console service on port 23423 by default exposes a REST API which which does not require authentication. The 'actio...