VYPR
Critical severity 9.9 · NVD Advisory · Published Jun 4, 2026 · Updated Jun 4, 2026

CVE-2026-43986

Description

Tautulli versions prior to 2.17.1 allow unauthenticated Server-Side Request Forgery (SSRF) by seeding a malicious image URL into a lookup table.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

Tautulli, a monitoring tool for Plex Media Server, versions prior to 2.17.1 contain a vulnerability in the public /image/ route. This route resolves attacker-controlled entries from image_hash_lookup and replays them through the server-side image fetch logic. A low-privilege guest user can seed a malicious external image URL into this lookup table, which is then accessible by any external user via the /image/<hash>.png endpoint [1].

Exploitation

An attacker can exploit this vulnerability if guest access is enabled in Tautulli. The attacker first needs to obtain the server's UUID, which is disclosed in the sign-in response. Using this UUID along with other controllable parameters, the attacker can derive a specific image hash. By seeding a malicious external image URL associated with this hash into the image_hash_lookup table, the attacker can then trigger server-side fetches of arbitrary URLs by any unauthenticated user requesting the corresponding /image/<hash>.png endpoint [1].

Impact

Successful exploitation of this vulnerability allows an unauthenticated attacker to perform Server-Side Request Forgery (SSRF). The Tautulli or Plex Media Server host will fetch an arbitrary URL chosen by the attacker. This could lead to the disclosure of sensitive information, interaction with internal services, or other unintended consequences depending on the network environment and the attacker's chosen URL [1].

Mitigation

Tautulli version 2.17.1, released on 2026-05-04, addresses this vulnerability by preventing the storage of image hashes for external images [2]. Users are strongly advised to update to version 2.17.1 or later to mitigate this risk.

AI Insight generated on Jun 4, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

  • Tautulli/Tautulli (2 versions, no CPE), range: <2.17.1

Patches

85f9cc2ea7d2

Don't store image hash for http images

https://github.com/tautulli/tautulli · JonnyWong16 · Apr 26, 2026 · Fixed in 2.17.1 · via llm-release-walk
1 file changed · +2 −1
  • plexpy/webserve.py (+2 −1, modified)
    @@ -4795,7 +4795,8 @@ def real_pms_image_proxy(self, img=None, rating_key=None, width=750, height=1000
             img_hash = notification_handler.set_hash_image_info(
                 img=img, rating_key=rating_key, width=width, height=height,
                 opacity=opacity, background=background, blur=blur, fallback=fallback,
    -            add_to_db=return_hash)
    +            add_to_db=(return_hash and not img.startswith('http'))
    +        )
     
             if return_hash:
                 return {'img_hash': img_hash}
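Review bot: the new `img.startswith('http')` expression raises AttributeError when `return_hash` is true and `img` is None, which is the default in the function signature shown in the hunk header; guard the None case, e.g. `add_to_db=(return_hash and bool(img) and not img.startswith('http'))`. A literal prefix test is also a weaker statement of intent than a positive check: if `img` is expected to be a Plex-relative path at this point, rejecting anything with a URL scheme or network location (`urllib.parse.urlsplit(img).scheme or urlsplit(img).netloc`) says that directly, and a one-line comment explaining why external references must never be persisted to the lookup table would help the next reader.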
    

Vulnerability mechanics

Root cause

"The application allows guest users to seed a malicious external image URL into a lookup table, which is then replayed through server-side image fetch logic via an unauthenticated endpoint."

Attack vector

An attacker first authenticates as a guest user to obtain a server UUID. They then use the `/pms_image_proxy` endpoint with `return_hash=true` and a malicious external image URL to seed the `image_hash_lookup` table. The attacker computes the expected hash offline and then triggers the public `/image/<hash>.png` endpoint without authentication, causing the server to fetch the attacker-controlled URL [ref_id=1]. This transforms an authenticated SSRF primitive into a persistent, unauthenticated SSRF gadget.

Affected code

The vulnerability stems from the interaction between `plexpy/webauth.py`, `plexpy/webserve.py`, and `plexpy/notification_handler.py`. Specifically, guest users can access the authentication path in `webauth.py`, which discloses the server UUID. The `/pms_image_proxy` route in `webserve.py` allows seeding hashes via `notification_handler.set_hash_image_info` in `notification_handler.py`. Finally, the public `/image/<hash>` route in `webserve.py` retrieves and replays these hashes without proper authentication [ref_id=1].

What the fix does

Version 2.17.1 addresses the vulnerability by preventing guest users from reaching the image-hash creation path. This change ensures that only authenticated users can seed entries into the `image_hash_lookup` table, thereby mitigating the unauthenticated SSRF risk [patch_id=4822911]. The patch effectively removes the ability for unauthenticated or low-privilege users to initiate the SSRF chain.
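The decision the fix changes is a single predicate: may this image reference be persisted into the hash lookup table? The following is an added example, not Tautulli's code; the function names, the `img`/`return_hash` parameters and the sample references are hypothetical. It places the pre-fix behaviour, an expression mirroring the 2.17.1 patch, and a stricter positive check (relative Plex paths only, rejecting any absolute or protocol-relative URL regardless of scheme case) side by side so the difference is visible on the same inputs.

```python
from urllib.parse import urlsplit

# Added example (hypothetical helpers, not Tautulli's implementation).
# All three take the image reference and the caller's return_hash flag
# and answer: should this reference be written to image_hash_lookup?


def store_hash_pre_fix(img, return_hash):
    # Pre-2.17.1 behaviour: any reference is persisted when a hash is requested,
    # so an external URL becomes a replayable server-side fetch target.
    return bool(return_hash)


def store_hash_2_17_1(img, return_hash):
    # Mirrors the 2.17.1 patch expression: skip persistence for 'http...' references.
    # Note: raises AttributeError if img is None and return_hash is true.
    return bool(return_hash and not img.startswith('http'))


def store_hash_strict(img, return_hash):
    # Stricter positive check: only a relative, single-slash server-side path
    # may be persisted. Anything carrying a scheme (http, HTTP, data, ftp, ...)
    # or a network location (including protocol-relative '//host/...') is rejected,
    # and a missing/empty reference is rejected rather than raising.
    if not return_hash or not isinstance(img, str):
        return False
    img = img.strip()
    if not img:
        return False
    parts = urlsplit(img)  # urlsplit lowercases the scheme, so 'HTTP://' is caught
    if parts.scheme or parts.netloc:
        return False
    return img.startswith('/') and not img.startswith('//')


def compare(img, return_hash=True):
    # Convenience view of all three decisions for one reference; None is
    # reported for the patched expression where it would raise.
    try:
        patched = store_hash_2_17_1(img, return_hash)
    except AttributeError:
        patched = None
    return {
        'pre_fix': store_hash_pre_fix(img, return_hash),
        'patched': patched,
        'strict': store_hash_strict(img, return_hash),
    }


if __name__ == '__main__':
    # Constructed sample references; 198.51.100.7 is documentation address space.
    for ref in ['/library/metadata/1/thumb',
                'http://198.51.100.7:8000/persist.png',
                'HTTP://198.51.100.7/x.png',
                '//198.51.100.7/x.png',
                None]:
        print(repr(ref), compare(ref))
```

The strict variant is the one to prefer in a proxy that is only ever meant to serve images belonging to the local Plex server: it states the allowed shape positively instead of enumerating forbidden prefixes, and it degrades to "do not persist" rather than to an exception when the reference is missing.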

Preconditions

  • config: Tautulli must be configured to allow guest access.
  • auth: The attacker must be able to authenticate as a guest Plex friend user.

Reproduction

1. Authenticate as a guest and obtain the returned uuid value from `/auth/signin`.
2. Use `/pms_image_proxy?img=http://ATTACKER:8000/persist.png&width=10&height=10&opacity=100&background=000000&blur=0&fallback=poster&return_hash=true` with the guest JWT to seed a row in `image_hash_lookup`.
3. Compute the expected hash offline using the disclosed uuid and the parameters from step 2.
4. Trigger the public `/image/<computed_sha256>.png` endpoint without authentication [ref_id=1].
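The seeding step above leaves a distinctive trace in HTTP access logs: a `/pms_image_proxy` request with `return_hash=true` whose `img` parameter is an absolute or protocol-relative URL rather than a Plex-relative path. The following is an added detection example, not part of the advisory or of Tautulli; the log lines are constructed in combined log format (as a reverse proxy in front of Tautulli might write them), the addresses are documentation ranges, and the function names are hypothetical.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample log (not real traffic). Line 1 is a benign hash request for a
# Plex-relative path, lines 2 and 3 seed external references, line 4 is an ordinary
# public image fetch with a placeholder hash.
SAMPLE_LOG = """\
203.0.113.5 - - [04/Jun/2026:10:00:01 +0000] "GET /pms_image_proxy?img=%2Flibrary%2Fmetadata%2F1%2Fthumb&width=10&height=10&return_hash=true HTTP/1.1" 200 53
203.0.113.5 - - [04/Jun/2026:10:00:02 +0000] "GET /pms_image_proxy?img=http%3A%2F%2F198.51.100.7%3A8000%2Fpersist.png&width=10&height=10&opacity=100&background=000000&blur=0&fallback=poster&return_hash=true HTTP/1.1" 200 53
203.0.113.5 - - [04/Jun/2026:10:00:03 +0000] "GET /pms_image_proxy?img=%2F%2F198.51.100.7%2Fx.png&return_hash=true HTTP/1.1" 200 53
198.51.100.20 - - [04/Jun/2026:10:05:00 +0000] "GET /image/PLACEHOLDERHASH.png HTTP/1.1" 200 1024
"""

# Minimal combined-log-format parser: client IP, timestamp, method, request target, status.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+)[^"]*" (?P<status>\d{3})'
)


def is_external_reference(img):
    # True when the image reference carries a URL scheme or a network location,
    # i.e. it would make the server fetch something other than a local Plex path.
    parts = urlsplit(img.strip())
    return bool(parts.scheme or parts.netloc)


def find_hash_seeding(log_text):
    # Returns one finding per /pms_image_proxy request that asked for a hash
    # (return_hash=true) with an external img reference. Status is kept so a
    # responder can see whether the seeding request succeeded.
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        target = urlsplit(m['target'])
        if target.path != '/pms_image_proxy':
            continue
        query = parse_qs(target.query)
        if query.get('return_hash', [''])[0].lower() != 'true':
            continue
        for img in query.get('img', []):
            if is_external_reference(img):
                findings.append({
                    'ip': m['ip'],
                    'ts': m['ts'],
                    'img': img,
                    'status': int(m['status']),
                })
    return findings


if __name__ == '__main__':
    for f in find_hash_seeding(SAMPLE_LOG):
        print(f"{f['ts']} {f['ip']} seeded external reference {f['img']!r} (HTTP {f['status']})")
```

Run over real logs this should be treated as a high-signal indicator on instances that are still below 2.17.1, and as a confirmation that the guest-facing proxy is being probed on patched ones; pairing a hit with later unauthenticated `/image/<hash>.png` requests from other source addresses is what distinguishes a successful persistent seed from a single failed attempt.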

Generated on Jun 4, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

2