Prince Radio Player CVE-2026-24548
MEDIUMSeverity by source
AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
Lifecycle Timeline
3DescriptionCVE.org
Server-Side Request Forgery (SSRF) vulnerability in Prince Radio Player radio-player allows Server Side Request Forgery.This issue affects Radio Player: from n/a through <= 2.0.91.
AnalysisAI
Prince Radio Player versions 2.0.91 and earlier are vulnerable to Server-Side Request Forgery (SSRF), enabling unauthenticated remote attackers to make arbitrary requests from the affected server. This could allow attackers to access internal resources, scan internal networks, or interact with backend services that should not be directly accessible.
Technical ContextAI
Classified as CWE-918 (Server-Side Request Forgery (SSRF)). Affects Prince Radio Player radio-player. Server-Side Request Forgery (SSRF) vulnerability in Prince Radio Player radio-player allows Server Side Request Forgery.This issue affects Radio Player: from n/a through <= 2.0.91.
Affected ProductsAI
Product: Prince Radio Player radio-player.
RemediationAI
Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.
Same weakness CWE-918 – Server-Side Request Forgery (SSRF)
View allShare
External POC / Exploit Code
Leaving vuln.today