{"id":133875,"date":"2025-11-20T11:18:52","date_gmt":"2025-11-20T11:18:52","guid":{"rendered":"https:\/\/cybersecuritynews.com\/?p=133875"},"modified":"2025-11-20T11:18:59","modified_gmt":"2025-11-20T11:18:59","slug":"twonky-server-vulnerabilities","status":"publish","type":"post","link":"https:\/\/cybersecuritynews.com\/twonky-server-vulnerabilities\/","title":{"rendered":"Critical Twonky Server Vulnerabilities Let Attackers Bypass Authentication"},"content":{"rendered":"\n

Twonky Server version 8.5.2 contains two critical authentication bypass vulnerabilities that allow unauthenticated attackers to gain full administrative access to the media server software.<\/p>\n\n\n\n

Rapid7 discovered that the vulnerabilities can be chained together to compromise administrator accounts without any user interaction or valid credentials. The vulnerabilities affect Twonky Server installations on both Linux and Windows platforms.<\/p>\n\n\n\n

Twonky Server is widely deployed in network-attached storage (NAS)<\/a> devices, routers, set-top boxes, and gateways worldwide. With approximately 850 instances currently exposed to the public internet, according to Shodan data.<\/p>\n\n\n\n

Vulnerabilities Let Attackers Bypass Authentication<\/strong><\/h2>\n\n\n\n

The first vulnerability (CVE-2025-13315) allows attackers to bypass API authentication controls through an alternative routing mechanism.<\/p>\n\n\n\n

By using the “\/nmc\/rpc\/” prefix instead of the standard “\/rpc\/” path, attackers can access the log_getfile endpoint without authentication<\/a>.<\/p>\n\n\n

\n
\"\"\/<\/figure><\/div>\n\n\n

This endpoint exposes application logs containing the administrator’s username and encrypted password.<\/p>\n\n\n\n

The second vulnerability (CVE-2025-13316) makes password decryption easy. Twonky Server uses hardcoded Blowfish encryption keys across all installations.<\/p>\n\n\n\n

CVE<\/th>Description<\/th>CVSS Score<\/th><\/tr><\/thead>
CVE-2025-13315<\/td>API authentication bypass via alternative routing<\/td>9.3 (Critical)<\/td><\/tr>
CVE-2025-13316<\/td>Hardcoded encryption keys enable password decryption<\/td>8.2 (High)<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

Rapid7 researchers identified twelve static keys embedded in the compiled binary, meaning any attacker with knowledge of the encrypted password can decrypt it to plaintext using these publicly available keys.<\/p>\n\n\n\n

Rapid7 correctly reported <\/a>these vulnerabilities to Lynx Technology, the vendor behind Twonky Server.<\/p>\n\n\n\n

However, the vendor ceased communications after acknowledging receipt of the technical disclosure and stated that patches would not be possible.<\/p>\n\n\n\n

Version 8.5.2 remains the latest available release with no security updates. Organizations using Twonky Server should immediately restrict application traffic to trusted IP addresses only.<\/p>\n\n\n\n

All administrator credentials should be considered compromised and rotated if the server is exposed to untrusted networks.<\/p>\n\n\n\n

Rapid7 has released a Metasploit module that demonstrates the complete exploitation chain and plans to provide detection capabilities in its vulnerability scanning tools.<\/p>\n\n\n\n

Follow us on Google News<\/a>, LinkedIn<\/a>, and X<\/a> for daily cybersecurity updates. Contact us<\/a> to feature your stories.<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"

Twonky Server version 8.5.2 contains two critical authentication bypass vulnerabilities that allow unauthenticated attackers to gain full administrative access to the media server software. Rapid7 discovered that the vulnerabilities can be chained together to compromise administrator accounts without any user interaction or valid credentials. The vulnerabilities affect Twonky Server installations on both Linux and Windows […]<\/p>\n","protected":false},"author":27,"featured_media":133879,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEig7MmADsnysEuDvUIowU7L8FQPAyhjLZ4HktXT0vmwUCHZkn5x8LmrrP53hzVZeiNZKH0JPJVt9l6AdJiWvcfgoc_chwGqDYGz-3ooghboGxWeoa1VvLplihr2yrV0hZklZ9Fcpvo9GDDFRgJgEFHkI-IjwK5rl4dn8AM9zmZiGMoLwiJvRBO9BZLWvuc\/s1600\/Critical%20Twonky%20Server%20Vulnerabilities%20Let%20Attackers%20Bypass%20Authentication%20%281%29.webp","fifu_image_alt":"Twonky Server Vulnerabilities","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[11,2737],"tags":[2283,149,151],"class_list":{"0":"post-133875","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-cyber-security-news","8":"category-vulnerability-news","9":"tag-cve-vulnerabilities","10":"tag-cyber-security","11":"tag-cyber-security-news"},"yoast_head":"\nCritical Twonky Server Vulnerabilities Let Attackers Bypass Authentication<\/title>\n<meta name=\"description\" content=\"Twonky Server has authentication bypass vulnerabilities that allow attackers to gain full administrative access to the media server software.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/cybersecuritynews.com\/twonky-server-vulnerabilities\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Critical Twonky Server Vulnerabilities Let Attackers Bypass Authentication\" \/>\n<meta property=\"og:description\" content=\"Twonky Server has authentication bypass vulnerabilities that allow attackers to gain full administrative access to the media server software.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/cybersecuritynews.com\/twonky-server-vulnerabilities\/\" \/>\n<meta property=\"og:site_name\" content=\"Cyber Security News\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Hackingtutorialsandnews\" \/>\n<meta property=\"article:published_time\" content=\"2025-11-20T11:18:52+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-11-20T11:18:59+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEig7MmADsnysEuDvUIowU7L8FQPAyhjLZ4HktXT0vmwUCHZkn5x8LmrrP53hzVZeiNZKH0JPJVt9l6AdJiWvcfgoc_chwGqDYGz-3ooghboGxWeoa1VvLplihr2yrV0hZklZ9Fcpvo9GDDFRgJgEFHkI-IjwK5rl4dn8AM9zmZiGMoLwiJvRBO9BZLWvuc\/s1600\/Critical%20Twonky%20Server%20Vulnerabilities%20Let%20Attackers%20Bypass%20Authentication%20%281%29.webp\" \/><meta property=\"og:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEig7MmADsnysEuDvUIowU7L8FQPAyhjLZ4HktXT0vmwUCHZkn5x8LmrrP53hzVZeiNZKH0JPJVt9l6AdJiWvcfgoc_chwGqDYGz-3ooghboGxWeoa1VvLplihr2yrV0hZklZ9Fcpvo9GDDFRgJgEFHkI-IjwK5rl4dn8AM9zmZiGMoLwiJvRBO9BZLWvuc\/s1600\/Critical%20Twonky%20Server%20Vulnerabilities%20Let%20Attackers%20Bypass%20Authentication%20%281%29.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"662\" \/>\n\t<meta property=\"og:image:height\" content=\"377\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Abinaya\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEig7MmADsnysEuDvUIowU7L8FQPAyhjLZ4HktXT0vmwUCHZkn5x8LmrrP53hzVZeiNZKH0JPJVt9l6AdJiWvcfgoc_chwGqDYGz-3ooghboGxWeoa1VvLplihr2yrV0hZklZ9Fcpvo9GDDFRgJgEFHkI-IjwK5rl4dn8AM9zmZiGMoLwiJvRBO9BZLWvuc\/s1600\/Critical%20Twonky%20Server%20Vulnerabilities%20Let%20Attackers%20Bypass%20Authentication%20%281%29.webp\" \/>\n<meta name=\"twitter:creator\" content=\"@The_Cyber_News\" \/>\n<meta name=\"twitter:site\" content=\"@The_Cyber_News\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Abinaya\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Critical Twonky Server Vulnerabilities Let Attackers Bypass Authentication","description":"Twonky Server has authentication bypass vulnerabilities that allow attackers to gain full administrative access to the media server software.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/cybersecuritynews.com\/twonky-server-vulnerabilities\/","og_locale":"en_US","og_type":"article","og_title":"Critical Twonky Server Vulnerabilities Let Attackers Bypass Authentication","og_description":"Twonky Server has authentication bypass vulnerabilities that allow attackers to gain full administrative access to the media server software.","og_url":"https:\/\/cybersecuritynews.com\/twonky-server-vulnerabilities\/","og_site_name":"Cyber Security News","article_publisher":"https:\/\/www.facebook.com\/Hackingtutorialsandnews","article_published_time":"2025-11-20T11:18:52+00:00","article_modified_time":"2025-11-20T11:18:59+00:00","og_image":[{"url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEig7MmADsnysEuDvUIowU7L8FQPAyhjLZ4HktXT0vmwUCHZkn5x8LmrrP53hzVZeiNZKH0JPJVt9l6AdJiWvcfgoc_chwGqDYGz-3ooghboGxWeoa1VvLplihr2yrV0hZklZ9Fcpvo9GDDFRgJgEFHkI-IjwK5rl4dn8AM9zmZiGMoLwiJvRBO9BZLWvuc\/s1600\/Critical%20Twonky%20Server%20Vulnerabilities%20Let%20Attackers%20Bypass%20Authentication%20%281%29.webp","type":"","width":"","height":""},{"width":662,"height":377,"url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEig7MmADsnysEuDvUIowU7L8FQPAyhjLZ4HktXT0vmwUCHZkn5x8LmrrP53hzVZeiNZKH0JPJVt9l6AdJiWvcfgoc_chwGqDYGz-3ooghboGxWeoa1VvLplihr2yrV0hZklZ9Fcpvo9GDDFRgJgEFHkI-IjwK5rl4dn8AM9zmZiGMoLwiJvRBO9BZLWvuc\/s1600\/Critical%20Twonky%20Server%20Vulnerabilities%20Let%20Attackers%20Bypass%20Authentication%20%281%29.webp","type":"image\/jpeg"}],"author":"Abinaya","twitter_card":"summary_large_image","twitter_image":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEig7MmADsnysEuDvUIowU7L8FQPAyhjLZ4HktXT0vmwUCHZkn5x8LmrrP53hzVZeiNZKH0JPJVt9l6AdJiWvcfgoc_chwGqDYGz-3ooghboGxWeoa1VvLplihr2yrV0hZklZ9Fcpvo9GDDFRgJgEFHkI-IjwK5rl4dn8AM9zmZiGMoLwiJvRBO9BZLWvuc\/s1600\/Critical%20Twonky%20Server%20Vulnerabilities%20Let%20Attackers%20Bypass%20Authentication%20%281%29.webp","twitter_creator":"@The_Cyber_News","twitter_site":"@The_Cyber_News","twitter_misc":{"Written by":"Abinaya","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"NewsArticle","@id":"https:\/\/cybersecuritynews.com\/twonky-server-vulnerabilities\/#article","isPartOf":{"@id":"https:\/\/cybersecuritynews.com\/twonky-server-vulnerabilities\/"},"author":{"name":"Abinaya","@id":"https:\/\/cybersecuritynews.com\/#\/schema\/person\/1a94534cae789bad6ff3d6a1c4bfcda1"},"headline":"Critical Twonky Server Vulnerabilities Let Attackers Bypass Authentication","datePublished":"2025-11-20T11:18:52+00:00","dateModified":"2025-11-20T11:18:59+00:00","mainEntityOfPage":{"@id":"https:\/\/cybersecuritynews.com\/twonky-server-vulnerabilities\/"},"wordCount":334,"publisher":{"@id":"https:\/\/cybersecuritynews.com\/#organization"},"image":{"@id":"https:\/\/cybersecuritynews.com\/twonky-server-vulnerabilities\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEig7MmADsnysEuDvUIowU7L8FQPAyhjLZ4HktXT0vmwUCHZkn5x8LmrrP53hzVZeiNZKH0JPJVt9l6AdJiWvcfgoc_chwGqDYGz-3ooghboGxWeoa1VvLplihr2yrV0hZklZ9Fcpvo9GDDFRgJgEFHkI-IjwK5rl4dn8AM9zmZiGMoLwiJvRBO9BZLWvuc\/s1600\/Critical%20Twonky%20Server%20Vulnerabilities%20Let%20Attackers%20Bypass%20Authentication%20%281%29.webp?w=662&resize=662,377&ssl=1","keywords":["CVE Vulnerabilities","cyber security","cyber security news"],"articleSection":["Cyber Security News","Vulnerability News"],"inLanguage":"en-US","copyrightYear":"2025","copyrightHolder":{"@id":"https:\/\/cybersecuritynews.com\/#organization"}},{"@type":"WebPage","@id":"https:\/\/cybersecuritynews.com\/twonky-server-vulnerabilities\/","url":"https:\/\/cybersecuritynews.com\/twonky-server-vulnerabilities\/","name":"Critical Twonky Server Vulnerabilities Let Attackers Bypass Authentication","isPartOf":{"@id":"https:\/\/cybersecuritynews.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/cybersecuritynews.com\/twonky-server-vulnerabilities\/#primaryimage"},"image":{"@id":"https:\/\/cybersecuritynews.com\/twonky-server-vulnerabilities\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEig7MmADsnysEuDvUIowU7L8FQPAyhjLZ4HktXT0vmwUCHZkn5x8LmrrP53hzVZeiNZKH0JPJVt9l6AdJiWvcfgoc_chwGqDYGz-3ooghboGxWeoa1VvLplihr2yrV0hZklZ9Fcpvo9GDDFRgJgEFHkI-IjwK5rl4dn8AM9zmZiGMoLwiJvRBO9BZLWvuc\/s1600\/Critical%20Twonky%20Server%20Vulnerabilities%20Let%20Attackers%20Bypass%20Authentication%20%281%29.webp?w=662&resize=662,377&ssl=1","datePublished":"2025-11-20T11:18:52+00:00","dateModified":"2025-11-20T11:18:59+00:00","description":"Twonky Server has authentication bypass vulnerabilities that allow attackers to gain full administrative access to the media server software.","breadcrumb":{"@id":"https:\/\/cybersecuritynews.com\/twonky-server-vulnerabilities\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/cybersecuritynews.com\/twonky-server-vulnerabilities\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cybersecuritynews.com\/twonky-server-vulnerabilities\/#primaryimage","url":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEig7MmADsnysEuDvUIowU7L8FQPAyhjLZ4HktXT0vmwUCHZkn5x8LmrrP53hzVZeiNZKH0JPJVt9l6AdJiWvcfgoc_chwGqDYGz-3ooghboGxWeoa1VvLplihr2yrV0hZklZ9Fcpvo9GDDFRgJgEFHkI-IjwK5rl4dn8AM9zmZiGMoLwiJvRBO9BZLWvuc\/s1600\/Critical%20Twonky%20Server%20Vulnerabilities%20Let%20Attackers%20Bypass%20Authentication%20%281%29.webp?w=662&resize=662,377&ssl=1","contentUrl":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEig7MmADsnysEuDvUIowU7L8FQPAyhjLZ4HktXT0vmwUCHZkn5x8LmrrP53hzVZeiNZKH0JPJVt9l6AdJiWvcfgoc_chwGqDYGz-3ooghboGxWeoa1VvLplihr2yrV0hZklZ9Fcpvo9GDDFRgJgEFHkI-IjwK5rl4dn8AM9zmZiGMoLwiJvRBO9BZLWvuc\/s1600\/Critical%20Twonky%20Server%20Vulnerabilities%20Let%20Attackers%20Bypass%20Authentication%20%281%29.webp?w=662&resize=662,377&ssl=1","width":"662","height":"377","caption":"Twonky Server Vulnerabilities"},{"@type":"BreadcrumbList","@id":"https:\/\/cybersecuritynews.com\/twonky-server-vulnerabilities\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/cybersecuritynews.com\/"},{"@type":"ListItem","position":2,"name":"Critical Twonky Server Vulnerabilities Let Attackers Bypass Authentication"}]},{"@type":"WebSite","@id":"https:\/\/cybersecuritynews.com\/#website","url":"https:\/\/cybersecuritynews.com\/","name":"Cyber Security News","description":"World's #1 Premier Cybersecurity and Hacking News Portal","publisher":{"@id":"https:\/\/cybersecuritynews.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/cybersecuritynews.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/cybersecuritynews.com\/#organization","name":"Cyber Security News","url":"https:\/\/cybersecuritynews.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cybersecuritynews.com\/#\/schema\/logo\/image\/","url":"https:\/\/cybersecuritynews.com\/wp-content\/uploads\/2021\/06\/Cyber-security.jpg","contentUrl":"https:\/\/cybersecuritynews.com\/wp-content\/uploads\/2021\/06\/Cyber-security.jpg","width":200,"height":200,"caption":"Cyber Security News"},"image":{"@id":"https:\/\/cybersecuritynews.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/Hackingtutorialsandnews","https:\/\/x.com\/The_Cyber_News","https:\/\/www.linkedin.com\/company\/cybersecurity-news\/"]},{"@type":"Person","@id":"https:\/\/cybersecuritynews.com\/#\/schema\/person\/1a94534cae789bad6ff3d6a1c4bfcda1","name":"Abinaya","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cybersecuritynews.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/915429ce96054c30e324319044dd9dea3921978fcef4cc62ef69d7c2f53ce2a7?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/915429ce96054c30e324319044dd9dea3921978fcef4cc62ef69d7c2f53ce2a7?s=96&d=mm&r=g","caption":"Abinaya"},"description":"Abi is a Security Editor and fellow reporter with Cyber Security News. She is covering various cyber security incidents happening in the Cyber Space.","sameAs":["https:\/\/www.cybersecuritynews.com"],"url":"https:\/\/cybersecuritynews.com\/author\/abi\/"}]}},"jetpack_featured_media_url":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEig7MmADsnysEuDvUIowU7L8FQPAyhjLZ4HktXT0vmwUCHZkn5x8LmrrP53hzVZeiNZKH0JPJVt9l6AdJiWvcfgoc_chwGqDYGz-3ooghboGxWeoa1VvLplihr2yrV0hZklZ9Fcpvo9GDDFRgJgEFHkI-IjwK5rl4dn8AM9zmZiGMoLwiJvRBO9BZLWvuc\/s1600\/Critical%20Twonky%20Server%20Vulnerabilities%20Let%20Attackers%20Bypass%20Authentication%20%281%29.webp?w=662&resize=662,377&ssl=1","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/posts\/133875","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/users\/27"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/comments?post=133875"}],"version-history":[{"count":2,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/posts\/133875\/revisions"}],"predecessor-version":[{"id":133913,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/posts\/133875\/revisions\/133913"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/media\/133879"}],"wp:attachment":[{"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/media?parent=133875"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/categories?post=133875"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecuritynews.com\/wp-json\/wp\/v2\/tags?post=133875"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}