Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
Description (CVE.org)
Lyrion Music Server 9.2.0 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting directory traversal in the web server context. Attackers can manipulate file path parameters to access sensitive files outside the intended directory structure.
Analysis (AI)
Unauthenticated arbitrary file read in Lyrion Music Server 9.2.0 allows remote attackers to retrieve sensitive files from the host by manipulating directory traversal sequences in file path parameters handled by the embedded web server. The flaw is network-reachable with no authentication or user interaction required, and publicly available exploit code exists via the Zero Science Lab advisory ZSL-2026-5992. …
Vulnerability Assessment (AI)

| Aspect | Assessment |
|---|---|
| Exploitation | No special conditions: remote unauthenticated exploitation against default configurations of Lyrion Music Server 9.2.0 over the HTTP web interface (default TCP/9000); the CVSS 4.0 vector AV:N/AC:L/AT:N/PR:N/UI:N confirms no authentication, no user interaction, and no attack requirements. … |
| Risk Assessment | The CVSS 4.0 vector AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N yields a base score of 8.7 and accurately reflects a high-confidentiality, network-reachable, unauthenticated bug with no integrity or availability impact, consistent with arbitrary file read. … |
| Exploit Scenario | An attacker discovers an internet-exposed Lyrion Music Server (e.g., via Shodan search for the default 9000/tcp banner), then issues a single crafted HTTP GET request with '../' sequences in a file path parameter to retrieve files such as the server's configuration, stored credentials, SSH keys, or '/etc/passwd' on Linux hosts. Because a public PoC exists in the Zero Science Lab advisory and the bug requires no authentication or user interaction, the attack can be performed with curl in seconds and is trivial to script for opportunistic scanning. |
| Remediation | No vendor-released patch identified at time of analysis: neither reference points to a fixed version, so operators should monitor the LMS Community project for an updated release beyond 9.2.0 and consult the VulnCheck advisory at https://www.vulncheck.com/advisories/lyrion-music-server-path-traversal-file-read and the Zero Science Lab advisory at https://www.zeroscience.mk/en/vulnerabilities/ZSL-2026-5992.php for fix tracking. … |
Recommended Action (AI)
Within 24 hours: Inventory all Lyrion Music Server 9.2.0 instances and assess network exposure to untrusted users. …
Related identifiers: EUVD-2026-34833, GHSA-c46g-chv5-xw5r