Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2025-21036

Malicious code in bioql PyPI...

9.3CVSS6.5AI score0.0309EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/07/12 7:24 p.m.10 views

CVE-2025-34101

An unauthenticated command injection vulnerability exists in Serviio Media Server versions 1.4 through 1.8 on Windows, in the /rest/action API endpoint exposed by the console component default port 23423. The checkStreamUrl method accepts a VIDEO parameter that is passed unsanitized to a call to...

9.3CVSS8.2AI score0.0309EPSS
Exploits1References1
NVD
NVD
added 2025/07/10 8:15 p.m.12 views

CVE-2025-34101

An unauthenticated command injection vulnerability exists in Serviio Media Server versions 1.4 through 1.8 on Windows, in the /rest/action API endpoint exposed by the console component default port 23423. The checkStreamUrl method accepts a VIDEO parameter that is passed unsanitized to a call to...

9.3CVSS0.0309EPSS
Exploits1References6
Cvelist
Cvelist
added 2025/07/10 7:11 p.m.19 views

CVE-2025-34101 Serviio Media Server Unauthenticated Command Injection via checkStreamUrl VIDEO Parameter

An unauthenticated command injection vulnerability exists in Serviio Media Server versions 1.4 through 1.8 on Windows, in the /rest/action API endpoint exposed by the console component default port 23423. The checkStreamUrl method accepts a VIDEO parameter that is passed unsanitized to a call to...

9.3CVSS0.0309EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/07/10 7:11 p.m.5 views

CVE-2025-34101 Serviio Media Server Unauthenticated Command Injection via checkStreamUrl VIDEO Parameter

An unauthenticated command injection vulnerability exists in Serviio Media Server versions 1.4 through 1.8 on Windows, in the /rest/action API endpoint exposed by the console component default port 23423. The checkStreamUrl method accepts a VIDEO parameter that is passed unsanitized to a call to...

9.3CVSS8.2AI score0.0309EPSS
Exploits1References6
CVE
CVE
added 2025/07/10 7:11 p.m.44 views

CVE-2025-34101

Serviio Media Server on Windows versions 1.4–1.8 is affected by an unauthenticated command-injection via the /rest/action REST API. The checkStreamUrl method takes a VIDEO parameter and passes it unsanitized to cmd.exe, enabling arbitrary command execution with the web server’s privileges. The RE...

9.3CVSS7.6AI score0.0309EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/07/10 12:0 a.m.4 views

Serviio Media Server 安全漏洞

Serviio Media Server is a media server software from Serviio Individual Developers in the UK. A security vulnerability exists in Serviio Media Server versions 1.4 through 1.8, which stems from a command injection issue in the /rest/action API endpoint that could lead to remote code execution...

9.3CVSS8.2AI score0.0309EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2025/07/10 12:0 a.m.5 views

PT-2025-29143 · Unknown · Serviio Media Server

Name of the Vulnerable Software and Affected Versions: Serviio Media Server versions 1.4 through 1.8 Description: An unauthenticated command injection exists in Serviio Media Server. The /rest/action API endpoint, exposed by the console component default port 23423, is vulnerable. The...

9.3CVSS7.2AI score0.0309EPSS
Exploits1References9
Packet Storm
Packet Storm
added 2017/05/17 12:0 a.m.38 views

Serviio Media Server checkStreamUrl Command Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule /Restlet-Framework/ include Msf::Exploit::Remote::HttpClient include Msf::Exploit::CmdStager def initializeinfo = superupdateinfoinfo, 'Name' =...

0.4AI score
Exploits0
0day.today
0day.today
added 2017/05/17 12:0 a.m.27 views

Serviio Media Server checkStreamUrl Command Execution Exploit

This Metasploit module exploits an unauthenticated remote command execution vulnerability in the console component of Serviio Media Server versions 1.4 to 1.8 on Windows operating systems. The console service on port 23423 by default exposes a REST API which which does not require authentication...

7.5AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/17 12:0 a.m.25 views

Serviio Media Server - checkStreamUrl Command Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule /Restlet-Framework/ include Msf::Exploit::Remote::HttpClient include Msf::Exploit::CmdStager def initializeinfo = superupdateinfoinfo, 'Name' =...

7.4AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2017/05/10 12:0 a.m.4 views

Serviio Media Server Cross-Site Scripting

A cross-site scripting vulnerability exists in Serviio Media Server. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...

5.5AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2017/05/10 12:0 a.m.1 views

Serviio Media Server Remote Code Execution

A code execution vulnerability exists in Serviio Media Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.9AI score
Exploits0
Metasploit
Metasploit
added 2017/05/05 7:54 a.m.19 views

Serviio Media Server checkStreamUrl Command Execution

This module exploits an unauthenticated remote command execution vulnerability in the console component of Serviio Media Server versions 1.4 to 1.8 on Windows operating systems. The console service on port 23423 by default exposes a REST API which which does not require authentication. The 'actio...

1.3AI score
Exploits0
Rows per page
Query Builder