CVE-2025-48948: CWE-863: Incorrect Authorization in navidrome navidrome
Navidrome is an open source web-based music collection server and streamer. A permission verification flaw in versions prior to 0.56.0 allows any authenticated regular user to bypass authorization checks and perform administrator-only transcoding configuration operations, including creating, modifying, and deleting transcoding settings. In the threat model where administrators are trusted but regular users are not, this vulnerability represents a significant security risk when transcoding is enabled. Version 0.56.0 patches the issue.
AI Analysis
Technical Summary
CVE-2025-48948 is a high-severity vulnerability affecting Navidrome, an open-source web-based music collection server and streamer. The flaw is categorized under CWE-863, Incorrect Authorization. Specifically, in Navidrome versions prior to 0.56.0, a permission verification weakness allows any authenticated regular user to bypass the authorization controls that are meant to restrict certain administrative operations. The affected operations are the administrator-only transcoding configuration tasks: creating, modifying, and deleting transcoding settings. Transcoding in Navidrome converts audio files into different formats or bitrates, so its configuration directly affects server resource usage and user experience. The threat model assumes that administrators are trusted but regular users are not; under that model the flaw represents a significant security risk whenever transcoding is enabled. Exploitation requires nothing beyond a regular user login: no elevated privileges and no user interaction other than authenticating. The CVSS 4.0 base score is 7.4 (high), reflecting a network attack vector, low attack complexity, no privileges required beyond a regular user account, no user interaction, and high impact on confidentiality, integrity, and availability. The vulnerability was publicly disclosed on May 30, 2025, and patched in Navidrome version 0.56.0. No known exploits are currently reported in the wild. A malicious user who manipulates transcoding settings could cause denial of service or resource exhaustion, or gain unauthorized access to media content through altered transcoding configurations.
Potential Impact
For European organizations using Navidrome as their music streaming or media server solution, this vulnerability poses a significant risk. Unauthorized modification of transcoding settings by regular users could lead to service disruptions, degraded performance, or exposure of sensitive media content. In environments where Navidrome is integrated into larger media distribution or archival systems, this could impact availability and integrity of media services. Additionally, if transcoding configurations are manipulated to exploit server resources, it could result in denial of service conditions affecting other users or services hosted on the same infrastructure. The confidentiality impact is also notable, as unauthorized changes might enable access to media streams or files that should be restricted. Organizations relying on Navidrome for internal or public-facing media services must consider the risk of insider threats or compromised user accounts exploiting this flaw. Given the ease of exploitation (requiring only authenticated user access) and the high impact on core system functions, European entities should prioritize remediation to maintain service integrity and security compliance.
Mitigation Recommendations
1. Immediate upgrade to Navidrome version 0.56.0 or later, where the authorization flaw is patched, is the most effective mitigation.
2. Restrict user account creation and enforce strong authentication policies to limit the number of regular users who can log in, reducing the attack surface.
3. Implement network segmentation and access controls to isolate Navidrome servers from untrusted networks and users.
4. Monitor and audit transcoding configuration changes regularly to detect unauthorized modifications promptly.
5. Employ application-layer firewalls or Web Application Firewalls (WAFs) with custom rules to detect and block unauthorized API calls related to transcoding settings.
6. If upgrading immediately is not feasible, temporarily disable transcoding features or, where the configuration allows it, restrict transcoding configuration access to trusted administrators only.
7. Educate administrators and users about the risks associated with this vulnerability and encourage vigilance for suspicious activities.
8. Integrate Navidrome logs with centralized Security Information and Event Management (SIEM) systems to enhance detection capabilities.
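The authorization gap described above is the difference between "is this request authenticated" and "is this user permitted to perform this administrator-only operation". The Go example below is added here and is not Navidrome's code; the User type, the /api/transcoding route, the handler names and the log format are assumptions made for illustration. It places the two router shapes side by side: one that gates the transcoding configuration endpoint on login alone (the CWE-863 shape) and one that also requires the admin role and logs every allow/deny decision, which is the kind of record that mitigation item 4 depends on. Probe lets both routers be exercised in-process without a running server.

```go
package main

import (
	"context"
	"fmt"
	"log"
	"net/http"
	"net/http/httptest"
)

// User is a constructed stand-in for an authenticated session record; it is
// not Navidrome's own user type.
type User struct {
	Name    string
	IsAdmin bool
}

type userKey struct{}

// withUser attaches the authenticated user to the request context, playing the
// role of whatever session middleware the real application uses.
func withUser(r *http.Request, u *User) *http.Request {
	return r.WithContext(context.WithValue(r.Context(), userKey{}, u))
}

func userFrom(r *http.Request) (*User, bool) {
	u, ok := r.Context().Value(userKey{}).(*User)
	return u, ok && u != nil
}

// requireAuth only verifies that a session exists. On an admin-only route this
// is exactly the CWE-863 pattern: authentication is checked, authorization is not.
func requireAuth(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if _, ok := userFrom(r); !ok {
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// requireAdmin enforces the role and logs every decision, producing the audit
// trail that a SIEM or a periodic review of configuration changes can consume.
func requireAdmin(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		u, ok := userFrom(r)
		if !ok {
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return
		}
		if !u.IsAdmin {
			log.Printf("authz: denied %s %s to non-admin user %q", r.Method, r.URL.Path, u.Name)
			http.Error(w, "forbidden", http.StatusForbidden)
			return
		}
		log.Printf("authz: allowed %s %s to admin %q", r.Method, r.URL.Path, u.Name)
		next.ServeHTTP(w, r)
	})
}

// transcodingConfig stands in for the create/update/delete handler; the route
// name /api/transcoding is an assumption for this example.
func transcodingConfig(w http.ResponseWriter, r *http.Request) {
	w.WriteHeader(http.StatusOK)
	fmt.Fprintln(w, "transcoding configuration updated")
}

// VulnerableMux mirrors the pre-0.56.0 shape described above: any logged-in
// user reaches the admin-only handler.
func VulnerableMux() http.Handler {
	mux := http.NewServeMux()
	mux.Handle("/api/transcoding", requireAuth(http.HandlerFunc(transcodingConfig)))
	return mux
}

// PatchedMux adds the role check; only users with IsAdmin reach the handler.
func PatchedMux() http.Handler {
	mux := http.NewServeMux()
	mux.Handle("/api/transcoding", requireAuth(requireAdmin(http.HandlerFunc(transcodingConfig))))
	return mux
}

// Probe issues one request as u (nil means no session) and returns the HTTP
// status, so the two routers can be compared without a running server.
func Probe(h http.Handler, method string, u *User) int {
	req := httptest.NewRequest(method, "/api/transcoding", nil)
	if u != nil {
		req = withUser(req, u)
	}
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	regular := &User{Name: "alice", IsAdmin: false}
	admin := &User{Name: "root", IsAdmin: true}
	for name, h := range map[string]http.Handler{"vulnerable": VulnerableMux(), "patched": PatchedMux()} {
		fmt.Printf("%-10s anonymous=%d regular=%d admin=%d\n", name,
			Probe(h, "DELETE", nil), Probe(h, "DELETE", regular), Probe(h, "DELETE", admin))
	}
}
```

Running the block shows the vulnerable router returning 200 to the regular user on a DELETE of the transcoding configuration, while the patched router returns 403 and writes a denial line to the log. The point for a reviewer is that the role check must sit on the mutating route itself, not only in the UI that hides the admin screen from regular users.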
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Norway, Denmark, Belgium, Italy
Technical Details
- Data Version: 5.1
- Assigner Short Name: GitHub_M
- Date Reserved: 2025-05-28T18:49:07.583Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 683a0a8d182aa0cae2be196d
Added to database: 5/30/2025, 7:44:13 PM
Last enriched: 7/8/2025, 1:54:36 PM
Last updated: 8/7/2025, 6:00:20 AM
Views: 47
Related Threats
- CVE-2025-3495: CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Delta Electronics COMMGR (Critical)
- CVE-2025-53948: CWE-415 Double Free in Santesoft Sante PACS Server (High)
- CVE-2025-52584: CWE-122 Heap-based Buffer Overflow in Ashlar-Vellum Cobalt (High)
- CVE-2025-46269: CWE-122 Heap-based Buffer Overflow in Ashlar-Vellum Cobalt (High)
- CVE-2025-54862: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Santesoft Sante PACS Server (Medium)