Cybersecurity Alerts

Actively Exploited Vulnerabilities

← Back to Cybersecurity Alerts

CVE-2020-5741

Plex | Media ServerAdded 2023-03-10Remediation Deadline 2023-03-31

Plex Media Server Remote Code Execution Vulnerability

Plex Media Server contains a remote code execution vulnerability that allows an attacker with access to the server administrator's Plex account to upload a malicious file via the Camera Upload feature and have the media server execute it.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-502

References