CVE-2020-26948 PoC — Emby Server 代码问题漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/workflows/jellyfin-workflow.yaml

Associated Vulnerability

Title:Emby Server 代码问题漏洞 (CVE-2020-26948)
Description:Emby Server是个人开发者的一款功能强大的媒体服务器。该产品主要可用于视频音频和照片等多媒体整合编辑。 Emby Server 4.5.0之前版本存在代码问题漏洞，该漏洞源于网络系统或产品的代码开发过程中存在设计或实现不当的问题。该漏洞允许攻击者通过Items / RemoteSearch / Image ImageURL参数使用SSRF。

Description

A simple workflow that runs all Jellyfin related nuclei templates on a given target.

File Snapshot


 id: jellyfin-workflow

info:
  name: Jellyfin Security Checks
  author: dwisiswant0
  description: A

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!