CVE-2020-5741
Plex Media Server Remote Code Execution Vulnerability
CVSS
—
Sin CVSS
EPSS
72.8%
p99
KEV
SÍ
10 mar 2023
Exploit Today
80
0-100
Publicado: — · Última mod.: —
Producto
Plex / Media Server
Vulnerabilidad
Plex Media Server Remote Code Execution Vulnerability
Añadido a KEV
10 mar 2023
Remediar antes de
31 mar 2023
Uso conocido en ransomware
No
Descripción resumida
Plex Media Server contains a remote code execution vulnerability that allows an attacker with access to the server administrator's Plex account to upload a malicious file via the Camera Upload feature and have the media server execute it.
Acción requerida
Apply updates per vendor instructions.
Notas
https://forums.plex.tv/t/security-regarding-cve-2020-5741/586819; https://nvd.nist.gov/vuln/detail/CVE-2020-5741
Sin CVEs relacionados por CWE o producto.