Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tautulli vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2019-19833
In Tautulli 2.1.9, CSRF in the /shutdown URI allows an malicious user to shut down the remote media server. (Also, anonymous access can be achieved in applications that do not have a user login area).
Tautulli Tautulli 2.1.9
6.1
CVSSv3
CVE-2019-8939
data/interfaces/default/history.html in Tautulli 2.1.26 has XSS via a crafted Plex username that is mishandled when constructing the History page.
Tautulli Tautulli 2.1.26
6.5
CVSSv3
CVE-2018-21031
Tautulli versions 2.1.38 and below allows remote malicious users to bypass intended access control in Plex Media Server because the X-Plex-Token is mishandled and can be retrieved from Tautulli. NOTE: Initially, this id was associated with Plex Media Server 1.18.2.2029-36236cc4c ...
Plex Media Server 1.18.2.2029-36236cc4c
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started