CNNVD-202509-1173 Information

CNNVD ID

CNNVD-202509-1173

Related CVE

CVE-2025-58761

• CNNVD Published: 2025-09-09

Description (Chinese)

Tautulli是Tautulli开源的一款用于监控Plex Media Server（媒体服务器）的应用程序。 Tautulli 2.15.3及之前版本存在安全漏洞，该漏洞源于real_pms_image_proxy端点存在路径遍历，可能导致任意文件读取。

Description (English)

Tautulli is a Tautulli Open Source application to monitor Plex Media Server. There is a security loophole in Tautulli 2.15.3 and previous versions, which stems from the existence of a path through which a real pms image proxy endpoint may lead to any document being read.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

TDM Digital Signage

Published

2025-09-09

Last Modified

2026-02-24

References

https://github.com/Tautulli/Tautulli/security/advisories/GHSA-r732-m675-wj7w https://github.com/Tautulli/Tautulli/commit/ec77a70aafc555e1aad0d9981f719d1200c117f1 https://access.redhat.com/security/cve/cve-2025-58761

Patch

https://github.com/Tautulli/Tautulli/releases