Emby Server-Side Request Forgery Vulnerability

Vulnerability

A server-side request forgery (SSRF) vulnerability has been identified in Emby for Windows, specifically in version 4.8. This vulnerability allows an attacker to manipulate the server into making requests on their behalf, potentially leading to unauthorized access to internal resources or services.

Impact

Exploitation of this vulnerability could allow an attacker to make unauthorized requests from the server, potentially accessing internal services or resources that are not exposed to the public.

Added: Jul 20, 2025, 3:21 PM

Updated: Jul 20, 2025, 3:21 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Emby Server-Side Request Forgery Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating