PT-2026-25735 · Undefined · Undefined
Published
2026-03-15
·
Updated
2026-03-16
·
CVE-2017-20217
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Serviio PRO version 1.8
Description
Serviio PRO version 1.8 has an issue where improper access control in the Configuration REST API allows unauthenticated attackers to access sensitive information. Attackers can send specially crafted requests to REST API endpoints to retrieve configuration data without authentication. The vulnerable API allows access to sensitive configuration data.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Missing Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Undefined