VYPR

Media Server

by Serviio

CVEs (1)

  • CVE-2025-34101CriJul 10, 2025
    risk 0.64cvss epss 0.03

    An unauthenticated command injection vulnerability exists in Serviio Media Server versions 1.4 through 1.8 on Windows, in the /rest/action API endpoint exposed by the console component (default port 23423). The checkStreamUrl method accepts a VIDEO parameter that is passed…