CVE-2017-20217
Awaiting Analysis Awaiting Analysis - Queue
Information Disclosure in Serviio PRO 1.8 via REST API Access

Publication date: 2026-03-16

Last updated on: 2026-03-16

Assigner: VulnCheck

Description
Serviio PRO 1.8 contains an information disclosure vulnerability due to improper access control enforcement in the Configuration REST API that allows unauthenticated attackers to access sensitive information. Remote attackers can send specially crafted requests to the REST API endpoints to retrieve potentially sensitive configuration data without authentication.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-16
Last Modified
2026-03-16
Generated
2026-06-16
AI Q&A
2026-03-16
EPSS Evaluated
2026-06-14
NVD
CVE-2017-20217
EUVD
EUVD-2017-18928
Affected Vendors & Products
Showing 9 associated CPEs
Vendor Product Version / Range
serviio serviio_pro to 1.8 (inc)
serviio serviio_pro 1.7.1
serviio serviio_pro 1.7.0
serviio serviio_pro 1.6.1
serviio pro to 1.8.0.0 (exc)
serviio pro 1.7.1
serviio pro 1.7.0
serviio pro 1.6.1
serviio pro 1.8
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': 'CVE-2017-20217 is an information disclosure vulnerability in Serviio PRO version 1.8 and earlier. It occurs due to improper access control enforcement in the Configuration REST API, which allows unauthenticated remote attackers to send specially crafted HTTP requests to certain REST API endpoints and retrieve sensitive configuration data without any authentication.'}, {'type': 'list_item', 'content': 'The vulnerability affects multiple platforms including Windows, Linux, and Mac OS X.'}, {'type': 'list_item', 'content': 'Attackers can access sensitive information such as media streaming URLs, directory listings of system paths (e.g., /etc on Linux), and the MediaBrowser remote access password in plaintext.'}, {'type': 'list_item', 'content': "The exploit involves sending HTTP GET requests with the header 'Accept: application/xml' to REST API endpoints like /rest/import-export/online, /rest/list-folders, and /rest/remote-access."}, {'type': 'paragraph', 'content': 'This vulnerability arises because the REST API fails to enforce proper authentication and access controls on critical functions.'}] [1, 3, 4, 5]

Impact Analysis

This vulnerability can have significant impacts by exposing sensitive information to unauthorized remote attackers without requiring any authentication.

  • Attackers can obtain media streaming URLs, which could allow them to access or monitor media content streams.
  • They can retrieve directory listings of sensitive system paths, potentially revealing system structure and files that could be used for further attacks.
  • The MediaBrowser remote access password can be disclosed in plaintext, enabling attackers to gain unauthorized remote access to the media server.

Overall, this leads to a breach of confidentiality and could facilitate further exploitation or unauthorized access to the affected system.

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by sending specially crafted HTTP GET requests to the Serviio PRO Configuration REST API endpoints without authentication and checking for sensitive information in the responses.'}, {'type': 'list_item', 'content': "Send HTTP GET requests with the header 'Accept: application/xml' to the following endpoints:"}, {'type': 'list_item', 'content': '1. /rest/import-export/online β€” to retrieve Serviio media links (e.g., video feed URLs).'}, {'type': 'list_item', 'content': '2. /rest/list-folders?directory=/etc (or other directories) β€” to list directory contents on the server.'}, {'type': 'list_item', 'content': '3. /rest/remote-access β€” to obtain the MediaBrowser remote access password in plaintext.'}, {'type': 'paragraph', 'content': 'For example, using curl commands to test the endpoints:'}, {'type': 'list_item', 'content': 'curl -H "Accept: application/xml" http://<target-ip>:<port>/rest/import-export/online'}, {'type': 'list_item', 'content': 'curl -H "Accept: application/xml" http://<target-ip>:<port>/rest/list-folders?directory=/etc'}, {'type': 'list_item', 'content': 'curl -H "Accept: application/xml" http://<target-ip>:<port>/rest/remote-access'}, {'type': 'paragraph', 'content': 'If these requests return XML data containing media links, directory listings, or plaintext passwords without authentication, the vulnerability is present.'}] [1, 4]

Mitigation Strategies

Immediate mitigation steps include restricting access to the Serviio PRO Configuration REST API to trusted users and networks only.

Specifically:

  • 1. Limit network access to the REST API endpoints by firewall rules or network segmentation to prevent unauthenticated external access.
  • 2. Disable or restrict the Configuration REST API if it is not required.
  • 3. Apply any available patches or updates from the vendor that address this vulnerability.

Since the vulnerability arises from improper access control enforcement, ensuring proper authentication and authorization on the REST API is critical.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2017-20217. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart