Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2024-36402

Good to know:

icon

Date: January 16, 2025

Matrix Media Repo (MMR) is a highly configurable multi-homeserver media repository for Matrix. MMR before version 1.3.5 allows, by design, unauthenticated remote participants to trigger a download and caching of remote media from a remote homeserver to the local media repository. Such content then also becomes available for download from the local homeserver in an unauthenticated way. The implication is that unauthenticated remote adversaries can use this functionality to plant problematic content into the media repository. MMR 1.3.5 introduces a partial mitigation in the form of new endpoints which require authentication for media downloads. The unauthenticated endpoints will be frozen in a future release, closing the attack vector. Though extremely limited, server operators can use more strict rate limits based on IP address as a partial workaround.

Severity Score

Related Resources (6)

https://github.com/matrix-org/matrix-spec-proposals/pull/3916
https://github.com/t2bot/matrix-media-repo
https://pkg.go.dev/vuln/GO-2025-3397
https://github.com/t2bot/matrix-media-repo/security/advisories/GHSA-8vmr-h7h5-cqhg
https://nvd.nist.gov/vuln/detail/CVE-2024-36402
https://www.mend.io/vulnerability-database/CVE-2024-36402

Severity Score

Weakness Type (CWE)

Improper Authentication

CWE-287

Top Fix

icon

Upgrade Version

Upgrade to version github.com/t2bot/matrix-media-repo - v1.3.5

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): NONE
Integrity (I): NONE
Availability (A): LOW

Do you need more information?

Contact Us