High severityNVD Advisory· Published Dec 5, 2025· Updated Apr 15, 2026

CVE-2020-36876

Description

ReQuest Serious Play F3 Media Server versions 7.0.3.4968 (Pro), 7.0.2.4954, 6.5.2.4954, 6.4.2.4681, 6.3.2.4203, and 2.0.1.823 allows unauthenticated attackers to disclose the webserver's Python debug log file containing system information, credentials, paths, processes and command arguments running on the device. Attackers can access sensitive information by visiting the message_log page.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

request.comnvd
www.exploit-db.com/exploits/48950nvd
www.vulncheck.com/advisories/request-serious-play-f-media-server-debug-log-disclosurenvd
www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5600.phpnvd

News mentions

No linked articles in our index yet.

cvss	0.455
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000