logo

CVE-2020-5741 - Plex Media Server Remote Code Execution Vulnerability

CVE-2020-5741

Plex | Media Server

  • Date Added:
  • 2023-03-10
  • Due Date:
  • 2023-03-31
Vulnerability Name

Plex Media Server Remote Code Execution Vulnerability

Description

Plex Media Server contains a remote code execution vulnerability that allows an attacker with access to the server administrator's Plex account to upload a malicious file via the Camera Upload feature and have the media server execute it.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes
https://forums.plex.tv/t/security-regarding-cve-2020-5741/586819; https://nvd.nist.gov/vuln/detail/CVE-2020-5741

Free security scan for your website