Submit #805275: AV Stumpfl Pixera Two Media Server < 25.2 R3 Arbitrary File Readinfo

TitleAV Stumpfl Pixera Two Media Server < 25.2 R3 Arbitrary File Read
DescriptionAn unauthenticated person with network access can perform Arbitrary File Reads on the Pixera Media Server by targeting the web server hosted on port 1338. This allows anyone on the network to read any file on the Pixera media server. --- Note: It appears Pixera's version format has changed over time. Previously, it used 2.0.XXX. Now it seems to use the year of release plus a minor version and revision number such as 25.2 R3. --- Vulnerability reporting and patching has been performed in 2025. Pending CVE-ID for disclosure.
Source⚠️ https://gist.github.com/TrebledJ/585a20525e45549f299d282233632608
User
 trebledj (UID 94356)
Submission04/14/2026 21:24 (3 months ago)
Moderation05/02/2026 22:41 (18 days later)
StatusAccepted
VulDB entry360873 [AV Stumpfl Pixera Two Media Server up to 25.1 R2 Service Port 1338 path traversal]
Points20

Want to know what is going to be exploited?

We predict KEV entries!