漏洞类别:Web server
漏洞等级: 
漏洞信息
Serviio is a free media server. It allows you to stream your media files (music, video or images) to renderer devices (e.g. a TV set, Bluray player, games console or mobile phone) on your connected home network.
The vulnerabilities found in Serviio Media Server are:
- Remote Code Execution
- Local Privilege Escalation
- Unauthenticated Password Modification
- Information Disclosure
- DOM-Based Cross-Site Scripting (XSS)
Affected versions:
Serviio Media Server 1.8.0.0 PRO, 1.7.1, 1.7.0, 1.6.1.
QID Detection Logic (Unauthenticated):
This QID matches directory information in the response by sending a crafted HTTP GET request to target.
漏洞危害
Successful exploitation could allow an attacker to compromise the targeted system.
解决方案
The vendor has not confirmed the vulnerability and no patch has been released to specifically fix the vulnerability , however a newer version of software is available for download.
0daybank
文章评论