VULHUB ™

### Summary Serviio is a free media server. It allows you to stream your media files (music, video or images) to renderer devices (e.g. a TV set, Bluray player, games console or mobile phone) on your connected home network. ### Description The version of Serviio installed on the remote Windows/Linux host is affected by an unauthenticated password modification vulnerability due to improper access control enforcement of the Configuration REST API. A remote attacker can exploit this, via a specially crafted request, to change the login password for the mediabrowser protected page. ### Vendor Petr Nejedly | Six Lines Ltd - http://www.serviio.org ### Affected Version * 1.8.0.0 PRO * 1.7.1 * 1.7.0 * 1.6.1 ### Tested On * Restlet-Framework/2.2 * Windows 7, UPnP/1.0 DLNADOC/1.50, Serviio/1.8 * Mac OS X, UPnP/1.0 DLNADOC/1.50, Serviio/1.8 * Linux, UPnP/1.0 DLNADOC/1.50, Serviio/1.8

### Summary Serviio is a free media server. It allows you to stream your media files (music, video or images) to renderer devices (e.g. a TV set, Bluray player, games console or mobile phone) on your connected home network. ### Description The version of Serviio installed on the remote Windows/Linux host is affected by an unauthenticated password modification vulnerability due to improper access control enforcement of the Configuration REST API. A remote attacker can exploit this, via a specially crafted request, to change the login password for the mediabrowser protected page. ### Vendor Petr Nejedly | Six Lines Ltd - http://www.serviio.org ### Affected Version * 1.8.0.0 PRO * 1.7.1 * 1.7.0 * 1.6.1 ### Tested On * Restlet-Framework/2.2 * Windows 7, UPnP/1.0 DLNADOC/1.50, Serviio/1.8 * Mac OS X, UPnP/1.0 DLNADOC/1.50, Serviio/1.8 * Linux, UPnP/1.0 DLNADOC/1.50, Serviio/1.8