CVE-2021-32644

MEDIUM LAB

Ampache 4.x.y - Authenticated Code Injection in random.php

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-32644. PoCs published by dnr6419.

AI-analyzed exploit summary: This repository provides a functional proof-of-concept for CVE-2021-32644, an XSS vulnerability in Ampache versions prior to 4.4.3. It includes a Docker setup for Ampache 4.4.2 and a crafted URL to trigger the XSS payload.

Description

Ampache is an open source, web-based audio/video streaming application and file manager. Due to a lack of input filtering, versions 4.x.y are vulnerable to code injection in random.php. The attack requires user authentication to access the random.php page unless the site is running in demo mode. This issue has been resolved in 4.4.3.

Exploits (1)

nomisec WORKING POC
by dnr6419 · poc
https://github.com/dnr6419/CVE-2021-32644

Classification: Working PoC 90%
Attack Type: XSS
Complexity: Trivial
Reliability: Reliable
Target: Ampache 4.4.2
No auth needed
Prerequisites: Docker environment · Ampache 4.4.2 instance
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026

Scores

CVSS v3 6.4
EPSS 0.0084
EPSS Percentile 53.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Lab Environment

COMMUNITY
Community Lab
docker pull ampache/ampache:4.4.2

Details

CWE: CWE-79
Status: published
Products (1): ampache/ampache 4.4.2
Published: Jun 22, 2021
Tracked Since: Feb 18, 2026