Question about security


CatSama

My Emby server's version is 4.7.0.6

I found I can use

https://{host:port}/emby/Audio/{item_number}/universal?UserId=1 to access all my audios in my Emby server

https://{host:port}/emby/Items/{item_number}/Images/Primary?maxWidth=2561&quality=90 to access all my pictures and photos

https://{host:port}/emby/videos/{item_number}/stream.mp4 to access all my movies and videos

without any authentication

It means that if I know someone's Emby server's host address,

I can easily write a program to detect and download all his media in his Emby server.

I disabled "Remote Access" when I found this problem.

But the question is:

Is Emby safe on the Internet?

How can I make sure of it?


Luke

The audio and video urls are only accessible that way on the local network. On a remote connection they would be rejected.


CatSama
22 hours ago, Luke said:

> The audio and video urls are only accessible that way on the local network. On a remote connection they would be rejected.

@Luke

Thanks, I have tested audio and video.

But I can still directly access my photos on a remote connection.

I really don't want somebody to access my private photos without my confirmation.

Do we have any plan to fix this?


pünktchen
42 minutes ago, CatSama said:

> @Luke
>
> Thanks, I have tested audio and video.
>
> But I can still directly access my photos on a remote connection.
>
> I really don't want somebody to access my private photos without my confirmation.
>
> Do we have any plan to fix this?

Take a look here: https://emby.media/community/index.php?/topic/84893-images-dont-require-api_key/&tab=comments#comment-1043565

I doubt we will see a solution anytime soon.


DJkhaled

Close your ports, use iptables, or just don't add personal media; anything online, not just Emby, is always susceptible to the rest of the world. One of my Emby servers is hosted from a McDonalds franchise on a VPS; you think they know? Honestly, it's up to you to secure your home media Emby server, as there always will be security flaws in all software.


CatSama
10 hours ago, DJkhaled said:

> Close your ports, use iptables, or just don't add personal media; anything online, not just Emby, is always susceptible to the rest of the world. One of my Emby servers is hosted from a McDonalds franchise on a VPS; you think they know? Honestly, it's up to you to secure your home media Emby server, as there always will be security flaws in all software.

Good news, all operating systems and software no longer need to release patches to fix bugs.

Because "there always will be security flaws in all software".


  • 2 weeks later...
DJkhaled
On 8/12/2021 at 6:23 AM, CatSama said:

> Good news, all operating systems and software no longer need to release patches to fix bugs.
>
> Because "there always will be security flaws in all software".

Can't you set external IP addresses that Emby will allow and block everything else? Until it gets patched? What have you tried, if anything?


  • 9 months later...
CatSama
On 2021/8/10 at 10:40 PM, pünktchen said:

> And this makes things even worse!!!

See?

They just don't care.

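One way for a server owner to check what this thread describes, as an added example that is not part of any post: scan reverse-proxy access logs for requests from non-local addresses that were served one of the three URL shapes from the first post with no `api_key` in the URL. The proxy, its combined log format, the sample lines and every name in the code are assumptions; a token sent in a request header does not show up in such logs, so hits are candidates for review rather than proof.

```python
import ipaddress
import re
from collections import defaultdict
from urllib.parse import parse_qs, urlsplit

# The three URL shapes quoted in the first post, matched case-insensitively.
MEDIA_PATH = re.compile(
    r"^/emby/(?:audio/([^/]+)/universal|items/([^/]+)/images/|videos/([^/]+)/stream)",
    re.I)
# Assumed combined log layout: ip - - [time] "METHOD target HTTP/x" status size
LOG_LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" (\d{3}) ')
# Assumed definition of "local network": loopback plus the RFC 1918 ranges.
LOCAL_NETS = [ipaddress.ip_network(n) for n in
              ("127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def remote_hits_without_api_key(lines):
    """Return {remote IP: set of item ids} served with 2xx and no api_key in the URL."""
    hits = defaultdict(set)
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue  # not a line in the assumed format
        ip, target, status = m.groups()
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            continue
        if any(addr in net for net in LOCAL_NETS) or not status.startswith("2"):
            continue  # local client, or the server refused the request
        url = urlsplit(target)
        path = MEDIA_PATH.match(url.path)
        if not path:
            continue
        if "api_key" in {k.lower() for k in parse_qs(url.query)}:
            continue  # a key was presented in the URL
        hits[ip].add(next(g for g in path.groups() if g))
    return dict(hits)

# Constructed sample lines (documentation addresses, made-up item ids and sizes).
SAMPLE_LOG = """\
203.0.113.7 - - [10/Aug/2021:22:40:01 +0000] "GET /emby/Items/101/Images/Primary?maxWidth=2561&quality=90 HTTP/1.1" 200 48211
203.0.113.7 - - [10/Aug/2021:22:40:02 +0000] "GET /emby/Items/102/Images/Primary?maxWidth=2561&quality=90 HTTP/1.1" 200 51002
203.0.113.7 - - [10/Aug/2021:22:40:03 +0000] "GET /emby/videos/101/stream.mp4 HTTP/1.1" 401 0
192.168.1.20 - - [10/Aug/2021:22:41:00 +0000] "GET /emby/Audio/55/universal?UserId=1 HTTP/1.1" 200 900000
198.51.100.9 - - [10/Aug/2021:22:42:00 +0000] "GET /emby/Items/7/Images/Primary?api_key=PLACEHOLDER HTTP/1.1" 200 1000
""".splitlines()

if __name__ == "__main__":
    for ip, items in remote_hits_without_api_key(SAMPLE_LOG).items():
        print(f"{ip}: {len(items)} item(s) served without api_key: {sorted(items)}")
```

A single remote address collecting many distinct item ids this way is the pattern to look at first.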
