CVE-2020-5741βPlex Media Server Remote Code Execution Vulnerability
PUBLISHEDvulnerability record
2023-03-10 Β· last modified June 21, 2025
Metadata
Vulnerability Name
Plex Media Server Remote Code Execution Vulnerability
Description
Plex Media Server contains a remote code execution vulnerability that allows an attacker with access to the server administrator's Plex account to upload a malicious file via the Camera Upload feature and have the media server execute it.
Known To Be Used in Ransomware Campaigns?
Action
Apply updates per vendor instructions.