MidnightBSD

Advisories for mediacrush

CVE-2025-61506

An issue was discovered in MediaCrush thru 1.0.1 allowing remote unauthenticated attackers to upload arbitrary files of any size to the /upload endpoint.

Products Affected

Vendor Product Version
mediacrush mediacrush *