CNNVD-202509-1175 Information

CNNVD ID

CNNVD-202509-1175

Related CVE

CVE-2025-58760

• CNNVD Published: 2025-09-09

Description (Chinese)

Tautulli是Tautulli开源的一款用于监控Plex Media Server（媒体服务器）的应用程序。 Tautulli 2.15.3及之前版本存在安全漏洞，该漏洞源于/image端点存在路径遍历，可能导致任意文件读取。

Description (English)

Tautulli is a Tautulli Open Source application to monitor Plex Media Server. There is a security loophole in Tautulli 2.15.3 and earlier versions, which stems from the existence of a /image endpoint, which may lead to any document being read.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

TDM Digital Signage

Published

2025-09-09

Last Modified

2026-02-24

References

https://github.com/Tautulli/Tautulli/commit/47566128e2e5dde98980d59b7a51b98173bc0b40 https://github.com/Tautulli/Tautulli/security/advisories/GHSA-8g4r-8f3f-hghp https://access.redhat.com/security/cve/cve-2025-58760

Patch

https://github.com/Tautulli/Tautulli/releases