Vulnerability Description
Jellyfin is a system for managing and streaming media. Prior to version 10.8.13, the `/System/MediaEncoder/Path` endpoint executes an arbitrary file using `ProcessStartInfo` via the `ValidateVersion` function. A malicious administrator can setup a network share and supply a UNC path to `/System/MediaEncoder/Path` which points to an executable on the network share, causing Jellyfin server to run the executable in the local context. The endpoint was removed in version 10.8.13.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Jellyfin | Jellyfin | < 10.8.13 |
Related Weaknesses (CWE)
References
- https://github.com/jellyfin/jellyfin/commit/83d2c69516471e2db72d9273c6a04247d0f3Patch
- https://github.com/jellyfin/jellyfin/security/advisories/GHSA-rr9h-w522-cvmrExploitVendor Advisory
- https://securitylab.github.com/advisories/GHSL-2023-028_jellyfin/ExploitThird Party Advisory
- https://github.com/jellyfin/jellyfin/commit/83d2c69516471e2db72d9273c6a04247d0f3Patch
- https://github.com/jellyfin/jellyfin/security/advisories/GHSA-rr9h-w522-cvmrExploitVendor Advisory
- https://securitylab.github.com/advisories/GHSL-2023-028_jellyfin/ExploitThird Party Advisory
FAQ
What is CVE-2023-48702?
CVE-2023-48702 is a vulnerability with a CVSS score of 7.2 (HIGH). Jellyfin is a system for managing and streaming media. Prior to version 10.8.13, the `/System/MediaEncoder/Path` endpoint executes an arbitrary file using `ProcessStartInfo` via the `ValidateVersion` ...
How severe is CVE-2023-48702?
CVE-2023-48702 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-48702?
Check the references section above for vendor advisories and patch information. Affected products include: Jellyfin Jellyfin.