CVE-2021-4465

HIGH

ReQuest Serious Play F3 Media Server <7.0.3.4968 - DoS

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-4465. PoCs published by LiquidWorm.

AI-analyzed exploit summary This exploit demonstrates a remote denial of service (DoS) vulnerability in ReQuest Serious Play F3 Media Server. An unauthenticated attacker can send a crafted HTTP GET request to trigger a shutdown or reboot of the device.

Description

ReQuest Serious Play F3 Media Server versions 7.0.3.4968 (Pro), 7.0.2.4954, 6.5.2.4954, 6.4.2.4681, 6.3.2.4203, and 2.0.1.823 contain a remote denial-of-service vulnerability. The device can be shut down or rebooted by an unauthenticated attacker through a single crafted HTTP GET request, allowing remote interruption of service availability.

Exploits (1)

exploitdb WORKING POC
by LiquidWorm · textwebappshardware
https://www.exploit-db.com/exploits/48951

This exploit demonstrates a remote denial of service (DoS) vulnerability in ReQuest Serious Play F3 Media Server. An unauthenticated attacker can send a crafted HTTP GET request to trigger a shutdown or reboot of the device.

Classification
Working Poc 100%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: ReQuest Serious Play F3 Media Server (versions 7.0.3.4968, 7.0.2.4954, 6.5.2.4954, 6.4.2.4681, 6.3.2.4203, 2.0.1.823)
No auth needed
Prerequisites: Network access to the target device · Target device running vulnerable version of ReQuest Serious Play F3 Media Server
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
Exploit, Third Party Advisory exploit
https://www.exploit-db.com/exploits/48951
Third Party Advisory, VDB Entry vdb-entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/190031
Various Sources product
http://www.request.com/
Third Party Advisory technical-description exploit
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5601.php

Scores

CVSS v4 8.7
EPSS 0.0042
EPSS Percentile 33.1%
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

CWE
CWE-400
Status published
Products (6)
ReQuest Serious Play LLC/ReQuest Serious Play 2.0.1.823
ReQuest Serious Play LLC/ReQuest Serious Play 6.3.2.4203
ReQuest Serious Play LLC/ReQuest Serious Play 6.4.2.4681
ReQuest Serious Play LLC/ReQuest Serious Play 6.5.2.4954
ReQuest Serious Play LLC/ReQuest Serious Play 7.0.2.4954
ReQuest Serious Play LLC/ReQuest Serious Play Pro 7.0.3.4968
Published Nov 14, 2025
Tracked Since Feb 18, 2026