2025-11-19 17:41:36
rapid7
PUBLISHED
Twonky Server 8.5.2 on Linux and Windows is vulnerable to an access control flaw. An unauthenticated attacker can bypass web service API authentication controls to leak a log file and read the administrators username and encrypted password.