53387.rar May 2026

Unauthenticated Remote Code Execution (RCE).

Uniguest Tripleplay (Signage and IPTV platform). Vulnerable Versions: All versions prior to 24.2.1. 53387.rar

Upgrade Uniguest Tripleplay to version 24.2.1 or later immediately. Unauthenticated Remote Code Execution (RCE)

The server fails to sanitize the X-Forwarded-For header before processing it. 53387.rar

The flaw stems from via improper handling of the X-Forwarded-For header in HTTP GET requests.