Learn about CVE-2023-48702, a high-severity vulnerability in Jellyfin that allows remote code execution via custom FFmpeg binary. Find out the impact, affected versions, and mitigation steps.
Jellyfin Possible Remote Code Execution via custom FFmpeg binary.
Understanding CVE-2023-48702
This CVE involves a vulnerability in Jellyfin, a system for managing and streaming media, allowing potential remote code execution via a custom FFmpeg binary.
What is CVE-2023-48702?
Prior to version 10.8.13, an endpoint in Jellyfin allows arbitrary file execution using ProcessStartInfo via the ValidateVersion function. Malicious actors can exploit this by setting up a network share with a UNC path pointing to an executable, leading to the server running the executable in the local context.
The Impact of CVE-2023-48702
The impact of this vulnerability is rated as high with a CVSS V3.1 base score of 7.2. It affects confidentiality, integrity, and availability, requiring high privileges for exploitation.
Technical Details of CVE-2023-48702
This section covers the specific technical aspects of the CVE.
Vulnerability Description
The vulnerability lies in the /System/MediaEncoder/Path endpoint in versions before 10.8.13, allowing remote code execution through arbitrary file execution.
Affected Systems and Versions
The vulnerability affects Jellyfin versions prior to 10.8.13.
Exploitation Mechanism
Exploitation involves setting up a network share with a UNC path pointing to an executable, triggering the server to run the executable locally.
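The core defect is that a caller-supplied encoder path reaches a process launcher without being checked for a network location. As an added illustration (not Jellyfin's code and not the actual 10.8.13 fix), the validator below rejects UNC paths, relative paths and traversal, and requires the binary to sit in an allow-listed directory; the allow-listed directories and the requirement that the binary be named ffmpeg are assumptions of this example.

```python
import re
from pathlib import PurePosixPath, PureWindowsPath

# Assumed allow-list: directories an administrator may point the encoder path at.
ALLOWED_DIRS = ("/usr/lib/jellyfin-ffmpeg", r"C:\Program Files\Jellyfin\Server")
# Assumed: only a binary actually named ffmpeg may be configured.
ALLOWED_NAMES = {"ffmpeg", "ffmpeg.exe"}

# \\server\share\..., //server/share/... and \\?\UNC\... all name a network location.
_UNC_RE = re.compile(r"^(\\\\|//)")


def validate_encoder_path(candidate, allowed_dirs=ALLOWED_DIRS):
    """Return (ok, reason). Run this before the path reaches any process launcher."""
    if not candidate or "\x00" in candidate:
        return False, "empty or contains NUL"
    if _UNC_RE.match(candidate):
        return False, "UNC/network path rejected"
    # Pick the path flavour from the string so a Windows-style path is not
    # mis-parsed as a single POSIX file name.
    windows_style = "\\" in candidate or re.match(r"^[A-Za-z]:", candidate) is not None
    cls = PureWindowsPath if windows_style else PurePosixPath
    path = cls(candidate)
    if not path.is_absolute():
        return False, "path must be absolute"
    if ".." in path.parts:
        return False, "parent-directory traversal rejected"
    if path.name.lower() not in ALLOWED_NAMES:
        return False, "binary name must be ffmpeg"
    # Exact parent comparison, not a string prefix, so /usr/lib/jellyfin-ffmpeg-evil
    # does not pass. A drive letter mapped to a share cannot be told apart by its
    # string form, which is why the allow-list, not the UNC check, is the real control.
    if not any(path.parent == cls(d) for d in allowed_dirs):
        return False, "directory not in allow-list"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample inputs, including the UNC shape described in the advisory.
    for sample in (r"\\evil-host\share\ffmpeg.exe", "/usr/lib/jellyfin-ffmpeg/ffmpeg",
                   "/usr/lib/jellyfin-ffmpeg/../../../bin/sh", "ffmpeg"):
        print(sample, "->", validate_encoder_path(sample))
```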
Mitigation and Prevention
To address CVE-2023-48702, consider the following:
Immediate Steps to Take
Long-Term Security Practices
Patching and Updates
Refer to the following resources for patching and updates: