Emby Server is a personal media server with apps on many devices. In Emby Server on Windows there is a set of arbitrary file read vulnerabilities. This vulnerability is known to exist in version 4.6.4.0 and may not be patched in later versions. Known vulnerable routes are /Videos/Id/hls/PlaylistId/SegmentId.SegmentContainer, /Images/Ratings/theme/name and /Images/MediaInfo/theme/name. For more details including proof of concept code, refer to the referenced GHSL-2021-051. This issue may lead to unauthorized access to the system especially when Emby Server is configured to be accessible from the Internet.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2021-09-09T01:30:10
Updated: 2024-08-03T23:33:56.022Z
Reserved: 2021-05-12T00:00:00
Link: CVE-2021-32833
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-09-09T02:15:14.310
Modified: 2024-11-21T06:07:50.730
Link: CVE-2021-32833
Redhat
No data.