Intrusion Prevention

Serviio.Media.Server.REST.API.Arbitrary.Password.Modification

Description

This indicates an attack attempt to exploit a Security Bypass vulnerability in Serviio Media Server.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application when handling a crafted request. A remote attacker can exploit this to change the password for arbitrary accounts.

Affected Products

Serviio Media Server PRO 1.8.0.0
Serviio Media Server 1.6.1
Serviio Media Server 1.7.0
Serviio Media Server 1.7.1

Impact

Security Bypass: Remote attackers can bypass security features of vulnerable systems.

Recommended Actions

Currently we are unaware of any vendor supplied patch for this issue

Other References

41960