Published: 09/09/2021 Updated: 16/09/2021

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.6 | Impact Score: 4 | Exploitability Score: 3.9

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Emby Server is a personal media server with apps on many devices. In Emby Server on Windows there is a set of arbitrary file read vulnerabilities. This vulnerability is known to exist in version 4.6.4.0 and may not be patched in later versions. Known vulnerable routes are /Videos/Id/hls/PlaylistId/SegmentId.SegmentContainer, /Images/Ratings/theme/name and /Images/MediaInfo/theme/name. For more details including proof of concept code, refer to the referenced GHSL-2021-051. This issue may lead to unauthorized access to the system especially when Emby Server is configured to be accessible from the Internet.

Vulnerable Product	Search on Vulmon	Subscribe to Product
emby emby.releases

In Emby Server on Windows there is a set of arbitrary file read vulnerabilities This vulnerability is known to exist in version 4640 and may not be patched in later versions Known vulnerable routes are /Videos/Id/hls/PlaylistId/SegmentIdSegmentContainer, /Images/Ratings/theme/name and /Images/MediaInfo/theme/name For more details including p ...

CWE-552 https://securitylab.github.com/advisories/GHSL-2021-051-emby/https://nvd.nist.gov https://security.archlinux.org/CVE-2021-32833

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-32833

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect