Joshua M. Boniface

2 exploits Active since Mar 2021
CVE-2021-21402 (HIGH) - Writeup
Jellyfin < 10.7.1 - Unauthenticated Arbitrary File Read via Path Traversal
Jellyfin is a Free Software Media System. In Jellyfin before version 10.7.1, well-crafted requests to certain endpoints allow arbitrary file reads from the Jellyfin server's file system. The issue is more prevalent when Windows is used as the host OS. Servers exposed to the public Internet are potentially at risk. This is fixed in version 10.7.1. As a workaround, users may be able to restrict some access by enforcing strict security permissions on their filesystem; however, updating as soon as possible is recommended.
CVSS 7.7
CVE-2023-48702 (HIGH) - Writeup
Jellyfin < 10.8.13 - Authenticated Remote Code Execution via MediaEncoder Path Endpoint
Jellyfin is a system for managing and streaming media. Prior to version 10.8.13, the `/System/MediaEncoder/Path` endpoint executes an arbitrary file using `ProcessStartInfo` via the `ValidateVersion` function. A malicious administrator can set up a network share and supply a UNC path to `/System/MediaEncoder/Path` that points to an executable on the network share, causing the Jellyfin server to run the executable in its local context. The endpoint was removed in version 10.8.13.
CVSS 7.2