CVE-1999-1561 is a vulnerability in Nullsoft SHOUTcast server version 1.9.7 where the administrative password is stored in plaintext within the configuration file named sc_serv.conf. This design flaw exposes the administrative credentials to any local user who can access the server's filesystem. Since the password is not encrypted or hashed, an attacker with local access can easily retrieve the password and gain administrative privileges on the SHOUTcast server. Administrative access allows the attacker to control the server, modify configurations, disrupt streaming services, or potentially pivot to other parts of the network. The vulnerability is classified with a CVSS score of 7.2 (high severity), reflecting the significant impact on confidentiality, integrity, and availability, combined with low attack complexity and no authentication required beyond local access. Although the vulnerability dates back to 1999 and no patches are available, the risk remains relevant for legacy systems still running this version. There are no known exploits in the wild, but the simplicity of extracting plaintext passwords from configuration files makes exploitation straightforward for any local user.

For European organizations using Nullsoft SHOUTcast server version 1.9.7, this vulnerability poses a serious risk. If an attacker gains local access—whether through compromised credentials, insider threat, or lateral movement—they can obtain administrative control over the streaming server. This can lead to unauthorized modification or disruption of media streaming services, impacting availability and service continuity. Additionally, administrative access could be leveraged to further infiltrate the organization's network, threatening broader IT infrastructure. Confidentiality is compromised as the plaintext password exposure could facilitate unauthorized data access. Given the age of the vulnerability, it is most likely to affect organizations relying on legacy or unmaintained SHOUTcast servers, which may be found in smaller broadcasters, educational institutions, or niche media providers across Europe. The impact on brand reputation and regulatory compliance (e.g., GDPR) could be significant if the breach leads to data exposure or service outages.

Since no official patch is available for this vulnerability, European organizations should take immediate practical steps to mitigate risk: 1) Upgrade or migrate from Nullsoft SHOUTcast server version 1.9.7 to a more recent, supported streaming server software that does not store passwords in plaintext. 2) Restrict local filesystem access to the sc_serv.conf configuration file strictly to trusted administrators using OS-level permissions and access control lists. 3) Implement strong host-based security controls such as endpoint detection and response (EDR) to monitor and alert on unauthorized local access attempts. 4) Use network segmentation to isolate the SHOUTcast server from critical infrastructure and limit lateral movement opportunities. 5) Regularly audit and rotate administrative credentials, and consider using external authentication mechanisms if supported. 6) If upgrading is not immediately feasible, consider encrypting the configuration file at the filesystem level or using OS-level encryption tools to protect sensitive files. 7) Conduct security awareness training for administrators about the risks of plaintext password storage and local privilege escalation.