CVE-2021-33959 PoC — Plex media server 访问控制错误漏洞

Source

https://github.com/lixiang957/CVE-2021-33959

Associated Vulnerability

Title:Plex media server 访问控制错误漏洞 (CVE-2021-33959)
Description:Plex media server是Plex公司的一款媒体播放器。 Plex media server 1.21版本及之前版本存在访问控制错误漏洞，该漏洞源于会通过plex服务受到分布式拒绝服务攻击。

Description

CVE-2021-33959

Readme

# CVE-2021-33959

It can be seen that Plex service listens to the four udp ports 32410, 32412, 32413 and 32414. Through the analysis of the attack payload and using the message format of the device query request for reference, we write software to send udp packets with the attack payload of M-SEARCH * HTTP/1.1 to these ports, and capture packets for the reflection source IP. Finally, we find that both 32410 and 32414 respond. The recurrence attack is shown in the following figure:


# send request

echo "M-SEARCH * HTTP/1.1" | nc -4u <ipaddress> 32410

# example
![test](./Images/img.png)


# Affected version
plex media server - 1.21 before

# Reference link

https://www.freebuf.com/articles/web/260338.html

File Snapshot


 [4.0K]  /data/pocs/7d5ab39b5763342e02ae091973dfd0b61fc4facf
├── [4.0K]  Images
│   └── [ 65K]  img.png
└── [ 716]  README.md

1 directory, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!