How to fix EUVD-2020-30826?

Within 24 hours: Identify and inventory all systems running ReQuest Serious Play Media Player 3.0 and isolate them from untrusted networks if business-critical. Within 7 days: Implement compensating controls including WAF rules to block file parameter exploitation and disable the affected script if operationally feasible. Within 30 days: Contact vendor for patch availability status, evaluate migration to alternative media player solutions, and conduct forensic review of access logs to determine if exploitation has occurred.

EUVD-2020-30826

| CVE-2020-36878 HIGH

2025-12-05 [email protected]

Information Disclosure

8.7

CVSS 4.0

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Lifecycle Timeline

Analysis Generated

Mar 15, 2026 - 17:08 vuln.today

EUVD ID Assigned

Mar 15, 2026 - 17:08 euvd

EUVD-2020-30826

PoC Detected

Dec 08, 2025 - 18:26 vuln.today

Public exploit code

CVE Published

Dec 05, 2025 - 18:15 nvd

HIGH 8.7

DescriptionNVD

ReQuest Serious Play Media Player 3.0 contains an unauthenticated file disclosure vulnerability when input passed through the 'file' parameter in and script is not properly verified before being used to read web log files. Attackers can exploit this to disclose contents of files from local resources.

AnalysisAI

A remote code execution vulnerability in and script is not properly verified (CVSS 8.7). Risk factors: public PoC available.

Technical ContextAI

Vulnerability type: remote code execution. CVSS 8.7 indicates high severity. Affects and script is not properly verified.

RemediationAI

Monitor vendor channels for patch availability.

EUVD-2020-30826 vulnerability details – vuln.today

Back

EUVD-2020-30826

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code