Vulnerability Database

310,709

Total vulnerabilities in the database

CVE-2020-36877

ReQuest Serious Play F3 Media Server 7.0.3 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands as the web server user. Attackers can upload PHP executable files via the Quick File Uploader page, resulting in remote code execution on the server.

Published: Dec 5, 2025
Updated: Dec 6, 2025
CVE: CVE-2020-36877
Exploit:

No technical information available.

CWEs:

CWE-78

OWASP TOP 10:

A1 - Injection

Affected Software
References

No affected software listed.

http://request.com/
https://www.exploit-db.com/exploits/48952
https://www.vulncheck.com/advisories/request-serious-play-f-media-server-unauthenticated-rce
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5602.php

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo