DEV Community

Cover image for CVE-2020-5741: Plex Media Server Remote Code Execution Vulnerability
Freedom Coder
Freedom Coder

Posted on • Edited on • Originally published at scyscan.com

CVE-2020-5741: Plex Media Server Remote Code Execution Vulnerability

CVE ID

CVE-2020-5741

Vulnerability Name

Plex Media Server Remote Code Execution Vulnerability

  • Project: Plex
  • Product: Media Server

Date

  • Date Added: 2023-03-10
  • Due Date: 2023-03-31

Description

Plex Media Server contains a remote code execution vulnerability that allows an attacker with access to the server administrator's Plex account to upload a malicious file via the Camera Upload feature and have the media server execute it.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes

https://forums.plex.tv/t/security-regarding-cve-2020-5741/586819; https://nvd.nist.gov/vuln/detail/CVE-2020-5741

Related Security News

More CVEs Info

Common Vulnerabilities & Exposures (CVE) List

Top comments (0)