CVE-2020-36878
BaseFortify
Publication date: 2025-12-05
Last updated on: 2025-12-08
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| request | serious_play_media_player | 1.5.2.821 |
| request | serious_play_media_player | 2.1.0.831 |
| request | serious_play_media_player | 1.5.1.820 |
| request | serious_play_media_player | 3.0.0 |
| request | serious_play_media_player | 1.5.2.822 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-73 | The product allows user input to control or influence paths or file names that are used in filesystem operations. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by attempting to exploit the unauthenticated file disclosure via the 'file' parameter in the tail.html or file.html scripts. You can use tools like curl or wget to send crafted HTTP requests to the affected device, specifying the 'file' parameter with paths to sensitive files (e.g., C:\windows\win.ini or C:\ReQuest\mpweb\log\mpweb.log). For example, a command like: curl "http://<target-ip>/tail.html?file=C:\windows\win.ini" can be used to check if the file contents are disclosed. Monitoring for unusual HTTP requests containing directory traversal patterns or unexpected file paths in web server logs can also help detect exploitation attempts. [1, 2]
Can you explain this vulnerability to me?
This vulnerability in ReQuest Serious Play Media Player 3.0 allows an attacker to disclose contents of local files without authentication. It occurs because the 'file' parameter input is not properly verified before being used to read web log files, enabling unauthorized file disclosure.
How can this vulnerability impact me? :
An attacker exploiting this vulnerability can access sensitive files on the local system without any authentication, potentially leading to exposure of confidential information, system data leakage, and increased risk of further attacks.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the affected web interface (tail.html and file.html) by network segmentation or firewall rules to prevent unauthenticated external access. Disable or restrict the vulnerable scripts if possible. Monitor and block suspicious requests attempting directory traversal via the 'file' parameter. Applying any available patches or updates from the vendor is recommended, although no vendor response was noted. As a temporary measure, consider disabling the ReQuest Serious Play Media Player's web interface or isolating the device until a fix is available. [1, 3]