module
Emby SSRF HTTP Scanner
| Disclosed | Created |
|---|---|
| N/A | Jun 13, 2021 |
Disclosed
N/A
Created
Jun 13, 2021
Description
Generates a `GET` request to the provided web servers and executes an SSRF against
the targeted EMBY server. Returns the server header, HTML title attribute and
location header (if set). This is useful for rapidly identifying web applications
on the internal network using the Emby SSRF vulnerability (CVE-2020-26948).
the targeted EMBY server. Returns the server header, HTML title attribute and
location header (if set). This is useful for rapidly identifying web applications
on the internal network using the Emby SSRF vulnerability (CVE-2020-26948).
Author
Btnz
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.