Name of the Vulnerable Software and Affected Versions Tautulli version 2.1.9

Description The issue allows an attacker to shut down a remote media server due to a CSRF vulnerability in the "/shutdown" API endpoint. Additionally, anonymous access can be achieved in certain applications lacking a user login area.

Recommendations For Tautulli version 2.1.9, consider disabling access to the "/shutdown" API endpoint until a patch is available to prevent unauthorized shutdown of the media server. Restrict access to the Tautulli application to minimize the risk of exploitation, especially in applications without a user login area.